OpenVPN
socket.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, see <https://www.gnu.org/licenses/>.
21 */
22
23#ifdef HAVE_CONFIG_H
24#include "config.h"
25#endif
26
27#include "syshead.h"
28
29#include "socket.h"
30#include "fdmisc.h"
31#include "misc.h"
32#include "gremlin.h"
33#include "plugin.h"
34#include "ps.h"
35#include "run_command.h"
36#include "manage.h"
37#include "misc.h"
38#include "manage.h"
39#include "openvpn.h"
40#include "forward.h"
41
42#include "memdbg.h"
43
44bool
45sockets_read_residual(const struct context *c)
46{
47 int i;
48
49 for (i = 0; i < c->c1.link_sockets_num; i++)
50 {
51 if (c->c2.link_sockets[i]->stream_buf.residual_fully_formed)
52 {
53 return true;
54 }
55 }
56 return false;
57}
58
59/*
60 * Convert sockflags/getaddr_flags into getaddr_flags
61 */
62static unsigned int
63sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
64{
65 if (sockflags & SF_HOST_RANDOMIZE)
66 {
67 return getaddr_flags | GETADDR_RANDOMIZE;
68 }
69 else
70 {
71 return getaddr_flags;
72 }
73}
74
75#if defined(__GNUC__) || defined(__clang__)
76#pragma GCC diagnostic push
77#pragma GCC diagnostic ignored "-Wconversion"
78#endif
79
80/*
81 * Functions related to the translation of DNS names to IP addresses.
82 */
83static int
84get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network,
85 unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info,
86 msglvl_t msglevel)
87{
88 char *endp, *sep, *var_host = NULL;
89 struct addrinfo *ai = NULL;
90 unsigned long bits;
91 uint8_t max_bits;
92 int ret = -1;
93
94 if (!hostname)
95 {
96 msg(M_NONFATAL, "Can't resolve null hostname!");
97 goto out;
98 }
99
100 /* assign family specific default values */
101 switch (af)
102 {
103 case AF_INET:
104 bits = 0;
105 max_bits = sizeof(in_addr_t) * 8;
106 break;
107
108 case AF_INET6:
109 bits = 64;
110 max_bits = sizeof(struct in6_addr) * 8;
111 break;
112
113 default:
114 msg(M_WARN, "Unsupported AF family passed to getaddrinfo for %s (%d)", hostname, af);
115 goto out;
116 }
117
118 /* we need to modify the hostname received as input, but we don't want to
119 * touch it directly as it might be a constant string.
120 *
121 * Therefore, we clone the string here and free it at the end of the
122 * function */
123 var_host = strdup(hostname);
124 if (!var_host)
125 {
126 msg(M_NONFATAL | M_ERRNO, "Can't allocate hostname buffer for getaddrinfo");
127 goto out;
128 }
129
130 /* check if this hostname has a /bits suffix */
131 sep = strchr(var_host, '/');
132 if (sep)
133 {
134 bits = strtoul(sep + 1, &endp, 10);
135 if ((*endp != '\0') || (bits > max_bits))
136 {
137 msg(msglevel, "IP prefix '%s': invalid '/bits' spec (%s)", hostname, sep + 1);
138 goto out;
139 }
140 *sep = '\0';
141 }
142
143 ret = openvpn_getaddrinfo(flags & ~GETADDR_HOST_ORDER, var_host, NULL, resolve_retry_seconds,
144 sig_info, af, &ai);
145 if ((ret == 0) && network)
146 {
147 struct in6_addr *ip6;
148 in_addr_t *ip4;
149
150 if (af != ai->ai_family)
151 {
152 msg(msglevel, "Can't parse %s as IPv%d address", var_host, (af == AF_INET) ? 4 : 6);
153 ret = -1;
154 goto out;
155 }
156
157 switch (af)
158 {
159 case AF_INET:
160 ip4 = network;
161 *ip4 = ((struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr;
162
163 if (flags & GETADDR_HOST_ORDER)
164 {
165 *ip4 = ntohl(*ip4);
166 }
167 break;
168
169 case AF_INET6:
170 ip6 = network;
171 *ip6 = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr;
172 break;
173
174 default:
175 /* can't get here because 'af' was previously checked */
176 msg(M_WARN, "Unsupported AF family for %s (%d)", var_host, af);
177 goto out;
178 }
179 }
180
181 if (netbits)
182 {
183 *netbits = bits;
184 }
185
186 /* restore '/' separator, if any */
187 if (sep)
188 {
189 *sep = '/';
190 }
191out:
192 freeaddrinfo(ai);
193 free(var_host);
194
195 return ret;
196}
197
198in_addr_t
199getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded,
200 struct signal_info *sig_info)
201{
202 in_addr_t addr;
203 int status;
204
205 status = get_addr_generic(AF_INET, flags, hostname, &addr, NULL, resolve_retry_seconds,
206 sig_info, M_WARN);
207 if (status == 0)
208 {
209 if (succeeded)
210 {
211 *succeeded = true;
212 }
213 return addr;
214 }
215 else
216 {
217 if (succeeded)
218 {
219 *succeeded = false;
220 }
221 return 0;
222 }
223}
224
225bool
226get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits,
227 msglvl_t msglevel)
228{
229 if (get_addr_generic(AF_INET6, GETADDR_RESOLVE, hostname, network, netbits, 0, NULL, msglevel)
230 < 0)
231 {
232 return false;
233 }
234
235 return true; /* parsing OK, values set */
236}
237
238static inline bool
239streqnull(const char *a, const char *b)
240{
241 if (a == NULL && b == NULL)
242 {
243 return true;
244 }
245 else if (a == NULL || b == NULL)
246 {
247 return false;
248 }
249 else
250 {
251 return streq(a, b);
252 }
253}
254
255/*
256 * get_cached_dns_entry return 0 on success and -1
257 * otherwise. (like getaddrinfo)
258 */
259static int
260get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname,
261 int ai_family, unsigned int resolve_flags, struct addrinfo **ai)
262{
263 struct cached_dns_entry *ph;
264 unsigned int flags;
265
266 /* Only use flags that are relevant for the structure */
267 flags = resolve_flags & GETADDR_CACHE_MASK;
268
269 for (ph = dns_cache; ph; ph = ph->next)
270 {
271 if (streqnull(ph->hostname, hostname) && streqnull(ph->servname, servname)
272 && ph->ai_family == ai_family && ph->flags == flags)
273 {
274 *ai = ph->ai;
275 return 0;
276 }
277 }
278 return -1;
279}
280
281
282static int
283do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af,
284 const unsigned int flags)
285{
286 struct addrinfo *ai;
287 int status;
288
289 if (get_cached_dns_entry(c->c1.dns_cache, hostname, servname, af, flags, &ai) == 0)
290 {
291 /* entry already cached, return success */
292 return 0;
293 }
294
295 status = openvpn_getaddrinfo(flags, hostname, servname, c->options.resolve_retry_seconds, NULL,
296 af, &ai);
297 if (status == 0)
298 {
299 struct cached_dns_entry *ph;
300
301 ALLOC_OBJ_CLEAR_GC(ph, struct cached_dns_entry, &c->gc);
302 ph->ai = ai;
303 ph->hostname = hostname;
304 ph->servname = servname;
305 ph->flags = flags & GETADDR_CACHE_MASK;
306
307 if (!c->c1.dns_cache)
308 {
309 c->c1.dns_cache = ph;
310 }
311 else
312 {
313 struct cached_dns_entry *prev = c->c1.dns_cache;
314 while (prev->next)
315 {
316 prev = prev->next;
317 }
318 prev->next = ph;
319 }
320
321 gc_addspecial(ai, &gc_freeaddrinfo_callback, &c->gc);
322 }
323 return status;
324}
325
326void
327do_preresolve(struct context *c)
328{
329 struct connection_list *l = c->options.connection_list;
330 const unsigned int preresolve_flags = GETADDR_RESOLVE | GETADDR_UPDATE_MANAGEMENT_STATE
331 | GETADDR_MENTION_RESOLVE_RETRY | GETADDR_FATAL;
332
333
334 for (int i = 0; i < l->len; ++i)
335 {
336 int status;
337 const char *remote;
338 unsigned int flags = preresolve_flags;
339
340 struct connection_entry *ce = l->array[i];
341
342 if (proto_is_dgram(ce->proto))
343 {
344 flags |= GETADDR_DATAGRAM;
345 }
346
347 if (c->options.sockflags & SF_HOST_RANDOMIZE)
348 {
349 flags |= GETADDR_RANDOMIZE;
350 }
351
352 if (c->options.ip_remote_hint)
353 {
354 remote = c->options.ip_remote_hint;
355 }
356 else
357 {
358 remote = ce->remote;
359 }
360
361 /* HTTP remote hostname does not need to be resolved */
362 if (!ce->http_proxy_options)
363 {
364 status = do_preresolve_host(c, remote, ce->remote_port, ce->af, flags);
365 if (status != 0)
366 {
367 goto err;
368 }
369 }
370
371 /* Preresolve proxy */
372 if (ce->http_proxy_options)
373 {
374 status = do_preresolve_host(c, ce->http_proxy_options->server,
375 ce->http_proxy_options->port, ce->af, preresolve_flags);
376
377 if (status != 0)
378 {
379 goto err;
380 }
381 }
382
383 if (ce->socks_proxy_server)
384 {
385 status =
386 do_preresolve_host(c, ce->socks_proxy_server, ce->socks_proxy_port, ce->af, flags);
387 if (status != 0)
388 {
389 goto err;
390 }
391 }
392
393 if (ce->bind_local)
394 {
395 flags |= GETADDR_PASSIVE;
396 flags &= ~GETADDR_RANDOMIZE;
397
398 for (int j = 0; j < ce->local_list->len; j++)
399 {
400 struct local_entry *le = ce->local_list->array[j];
401
402 if (!le->local)
403 {
404 continue;
405 }
406
407 status = do_preresolve_host(c, le->local, le->port, ce->af, flags);
408 if (status != 0)
409 {
410 goto err;
411 }
412 }
413 }
414 }
415 return;
416
417err:
418 throw_signal_soft(SIGHUP, "Preresolving failed");
419}
420
421static int
422socket_get_sndbuf(socket_descriptor_t sd)
423{
424#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
425 int val;
426 socklen_t len;
427
428 len = sizeof(val);
429 if (getsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&val, &len) == 0 && len == sizeof(val))
430 {
431 return val;
432 }
433#endif
434 return 0;
435}
436
437static void
438socket_set_sndbuf(socket_descriptor_t sd, int size)
439{
440#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
441 if (setsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&size, sizeof(size)) != 0)
442 {
443 msg(M_WARN, "NOTE: setsockopt SO_SNDBUF=%d failed", size);
444 }
445#endif
446}
447
448static int
449socket_get_rcvbuf(socket_descriptor_t sd)
450{
451#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
452 int val;
453 socklen_t len;
454
455 len = sizeof(val);
456 if (getsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&val, &len) == 0 && len == sizeof(val))
457 {
458 return val;
459 }
460#endif
461 return 0;
462}
463
464static bool
465socket_set_rcvbuf(socket_descriptor_t sd, int size)
466{
467#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
468 if (setsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&size, sizeof(size)) != 0)
469 {
470 msg(M_WARN, "NOTE: setsockopt SO_RCVBUF=%d failed", size);
471 return false;
472 }
473 return true;
474#endif
475}
476
477void
478socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
479{
480 if (sbs)
481 {
482 const int sndbuf_old = socket_get_sndbuf(fd);
483 const int rcvbuf_old = socket_get_rcvbuf(fd);
484
485 if (sbs->sndbuf && (reduce_size || sndbuf_old < sbs->sndbuf))
486 {
487 socket_set_sndbuf(fd, sbs->sndbuf);
488 }
489
490 if (sbs->rcvbuf && (reduce_size || rcvbuf_old < sbs->rcvbuf))
491 {
492 socket_set_rcvbuf(fd, sbs->rcvbuf);
493 }
494
495 msg(D_OSBUF, "Socket Buffers: R=[%d->%d] S=[%d->%d]", rcvbuf_old, socket_get_rcvbuf(fd),
496 sndbuf_old, socket_get_sndbuf(fd));
497 }
498}
499
500/*
501 * Set other socket options
502 */
503
504static bool
505socket_set_tcp_nodelay(socket_descriptor_t sd, int state)
506{
507#if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY))
508 if (setsockopt(sd, IPPROTO_TCP, TCP_NODELAY, (void *)&state, sizeof(state)) != 0)
509 {
510 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed", state);
511 return false;
512 }
513 else
514 {
515 dmsg(D_OSBUF, "Socket flags: TCP_NODELAY=%d succeeded", state);
516 return true;
517 }
518#else /* if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY)) */
519 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed (No kernel support)", state);
520 return false;
521#endif
522}
523
524static inline void
525socket_set_mark(socket_descriptor_t sd, int mark)
526{
527#if defined(TARGET_LINUX)
528 if (mark && setsockopt(sd, SOL_SOCKET, SO_MARK, (void *)&mark, sizeof(mark)) != 0)
529 {
530 msg(M_WARN, "NOTE: setsockopt SO_MARK=%d failed", mark);
531 }
532#endif
533}
534
535static bool
536socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
537{
538 /* SF_TCP_NODELAY doesn't make sense for dco-win */
539 if ((sockflags & SF_TCP_NODELAY) && (!(sockflags & SF_DCO_WIN)))
540 {
541 return socket_set_tcp_nodelay(sd, 1);
542 }
543 else
544 {
545 return true;
546 }
547}
548
549bool
550link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
551{
552 if (sock && socket_defined(sock->sd))
553 {
554 sock->sockflags |= sockflags;
555 return socket_set_flags(sock->sd, sock->sockflags);
556 }
557 else
558 {
559 return false;
560 }
561}
562
563void
564link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
565{
566 if (sock && socket_defined(sock->sd))
567 {
568 sock->socket_buffer_sizes.sndbuf = sndbuf;
569 sock->socket_buffer_sizes.rcvbuf = rcvbuf;
570 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
571 }
572}
573
574/*
575 * SOCKET INITIALIZATION CODE.
576 * Create a TCP/UDP socket
577 */
578
579socket_descriptor_t
580create_socket_tcp(struct addrinfo *addrinfo)
581{
582 socket_descriptor_t sd;
583
584 ASSERT(addrinfo);
585 ASSERT(addrinfo->ai_socktype == SOCK_STREAM);
586
587 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol))
588 == SOCKET_UNDEFINED)
589 {
590 msg(M_ERR, "Cannot create TCP socket");
591 }
592
593#ifndef _WIN32 /* using SO_REUSEADDR on Windows will cause bind to succeed on port conflicts! */
594 /* set SO_REUSEADDR on socket */
595 {
596 int on = 1;
597 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)) < 0)
598 {
599 msg(M_ERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP socket");
600 }
601 }
602#endif
603
604 /* set socket file descriptor to not pass across execs, so that
605 * scripts don't have access to it */
606 set_cloexec(sd);
607
608 return sd;
609}
610
611static socket_descriptor_t
612create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
613{
614 socket_descriptor_t sd;
615
616 ASSERT(addrinfo);
617 ASSERT(addrinfo->ai_socktype == SOCK_DGRAM);
618
619 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol))
620 == SOCKET_UNDEFINED)
621 {
622 msg(M_ERR, "UDP: Cannot create UDP/UDP6 socket");
623 }
624#if ENABLE_IP_PKTINFO
625 else if (flags & SF_USE_IP_PKTINFO)
626 {
627 int pad = 1;
628 if (addrinfo->ai_family == AF_INET)
629 {
630#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
631 if (setsockopt(sd, SOL_IP, IP_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
632 {
633 msg(M_ERR, "UDP: failed setsockopt for IP_PKTINFO");
634 }
635#elif defined(IP_RECVDSTADDR)
636 if (setsockopt(sd, IPPROTO_IP, IP_RECVDSTADDR, (void *)&pad, sizeof(pad)) < 0)
637 {
638 msg(M_ERR, "UDP: failed setsockopt for IP_RECVDSTADDR");
639 }
640#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
641#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
642#endif
643 }
644 else if (addrinfo->ai_family == AF_INET6)
645 {
646#ifndef IPV6_RECVPKTINFO /* Some older Darwin platforms require this */
647 if (setsockopt(sd, IPPROTO_IPV6, IPV6_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
648#else
649 if (setsockopt(sd, IPPROTO_IPV6, IPV6_RECVPKTINFO, (void *)&pad, sizeof(pad)) < 0)
650#endif
651 {
652 msg(M_ERR, "UDP: failed setsockopt for IPV6_RECVPKTINFO");
653 }
654 }
655 }
656#endif /* if ENABLE_IP_PKTINFO */
657
658 /* set socket file descriptor to not pass across execs, so that
659 * scripts don't have access to it */
660 set_cloexec(sd);
661
662 return sd;
663}
664
665static void
666bind_local(struct link_socket *sock, const sa_family_t ai_family)
667{
668 /* bind to local address/port */
669 if (sock->bind_local)
670 {
671 if (sock->socks_proxy && sock->info.proto == PROTO_UDP)
672 {
673 socket_bind(sock->ctrl_sd, sock->info.lsa->bind_local, ai_family, "SOCKS", false);
674 }
675 else
676 {
677 socket_bind(sock->sd, sock->info.lsa->bind_local, ai_family, "TCP/UDP",
678 sock->info.bind_ipv6_only);
679 }
680 }
681}
682
683static void
684create_socket(struct link_socket *sock, struct addrinfo *addr)
685{
686 if (addr->ai_protocol == IPPROTO_UDP || addr->ai_socktype == SOCK_DGRAM)
687 {
688 sock->sd = create_socket_udp(addr, sock->sockflags);
689 sock->sockflags |= SF_GETADDRINFO_DGRAM;
690
691 /* Assume that control socket and data socket to the socks proxy
692 * are using the same IP family */
693 if (sock->socks_proxy)
694 {
695 /* Construct a temporary addrinfo to create the socket,
696 * currently resolve two remote addresses is not supported,
697 * TODO: Rewrite the whole resolve_remote */
698 struct addrinfo addrinfo_tmp = *addr;
699 addrinfo_tmp.ai_socktype = SOCK_STREAM;
700 addrinfo_tmp.ai_protocol = IPPROTO_TCP;
701 sock->ctrl_sd = create_socket_tcp(&addrinfo_tmp);
702 }
703 }
704 else if (addr->ai_protocol == IPPROTO_TCP || addr->ai_socktype == SOCK_STREAM)
705 {
706 sock->sd = create_socket_tcp(addr);
707 }
708 else
709 {
710 ASSERT(0);
711 }
712 /* Set af field of sock->info, so it always reflects the address family
713 * of the created socket */
714 sock->info.af = addr->ai_family;
715
716 /* set socket buffers based on --sndbuf and --rcvbuf options */
717 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
718
719 /* set socket to --mark packets with given value */
720 socket_set_mark(sock->sd, sock->mark);
721
722#if defined(TARGET_LINUX)
723 if (sock->bind_dev)
724 {
725 msg(M_INFO, "Using bind-dev %s", sock->bind_dev);
726 if (setsockopt(sock->sd, SOL_SOCKET, SO_BINDTODEVICE, sock->bind_dev,
727 strlen(sock->bind_dev) + 1)
728 != 0)
729 {
730 msg(M_WARN | M_ERRNO, "WARN: setsockopt SO_BINDTODEVICE=%s failed", sock->bind_dev);
731 }
732 }
733#endif
734
735 bind_local(sock, addr->ai_family);
736}
737
738#ifdef TARGET_ANDROID
739static void
740protect_fd_nonlocal(int fd, const struct sockaddr *addr)
741{
742 if (!management)
743 {
744 msg(M_FATAL, "Required management interface not available.");
745 }
746
747 /* pass socket FD to management interface to pass on to VPNService API
748 * as "protected socket" (exempt from being routed into tunnel)
749 */
750 if (addr_local(addr))
751 {
752 msg(D_SOCKET_DEBUG, "Address is local, not protecting socket fd %d", fd);
753 return;
754 }
755
756 msg(D_SOCKET_DEBUG, "Protecting socket fd %d", fd);
757 management->connection.fdtosend = fd;
758 management_android_control(management, "PROTECTFD", __func__);
759}
760#endif
761
762/*
763 * Functions used for establishing a TCP stream connection.
764 */
765static void
766socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen,
767 bool do_set_nonblock)
768{
769 struct gc_arena gc = gc_new();
770 if (do_listen)
771 {
772 ASSERT(local);
773 msg(M_INFO, "Listening for incoming TCP connection on %s",
774 print_sockaddr(local->ai_addr, &gc));
775 if (listen(sd, 32))
776 {
777 msg(M_ERR, "TCP: listen() failed");
778 }
779 }
780
781 /* set socket to non-blocking mode */
782 if (do_set_nonblock)
783 {
784 set_nonblock(sd);
785 }
786
787 gc_free(&gc);
788}
789
790socket_descriptor_t
791socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
792{
793 /* af_addr_size WILL return 0 in this case if AFs other than AF_INET
794 * are compiled because act is empty here.
795 * could use getsockname() to support later remote_len check
796 */
797 socklen_t remote_len_af = af_addr_size(act->dest.addr.sa.sa_family);
798 socklen_t remote_len = sizeof(act->dest.addr);
799 socket_descriptor_t new_sd = SOCKET_UNDEFINED;
800
801 CLEAR(*act);
802
803 if (nowait)
804 {
805 new_sd = getpeername(sd, &act->dest.addr.sa, &remote_len);
806
807 if (!socket_defined(new_sd))
808 {
809 msg(D_LINK_ERRORS | M_ERRNO, "TCP: getpeername() failed");
810 }
811 else
812 {
813 new_sd = sd;
814 }
815 }
816 else
817 {
818 new_sd = accept(sd, &act->dest.addr.sa, &remote_len);
819 }
820
821#if 0 /* For debugging only, test the effect of accept() failures */
822 {
823 static int foo = 0;
824 ++foo;
825 if (foo & 1)
826 {
827 new_sd = -1;
828 }
829 }
830#endif
831
832 if (!socket_defined(new_sd))
833 {
834 msg(D_LINK_ERRORS | M_ERRNO, "TCP: accept(%d) failed", (int)sd);
835 }
836 /* only valid if we have remote_len_af!=0 */
837 else if (remote_len_af && remote_len != remote_len_af)
838 {
839 msg(D_LINK_ERRORS,
840 "TCP: Received strange incoming connection with unknown address length=%d", remote_len);
841 openvpn_close_socket(new_sd);
842 new_sd = SOCKET_UNDEFINED;
843 }
844 else
845 {
846 /* set socket file descriptor to not pass across execs, so that
847 * scripts don't have access to it */
848 set_cloexec(new_sd);
849 }
850 return new_sd;
851}
852
853static void
854tcp_connection_established(const struct link_socket_actual *act)
855{
856 struct gc_arena gc = gc_new();
857 msg(M_INFO, "TCP connection established with %s", print_link_socket_actual(act, &gc));
858 gc_free(&gc);
859}
860
861#if defined(__GNUC__) || defined(__clang__)
862#pragma GCC diagnostic pop
863#endif
864
865static socket_descriptor_t
866socket_listen_accept(socket_descriptor_t sd, struct link_socket_actual *act,
867 const char *remote_dynamic, const struct addrinfo *local, bool do_listen,
868 bool nowait, volatile int *signal_received)
869{
870 struct gc_arena gc = gc_new();
871 /* struct openvpn_sockaddr *remote = &act->dest; */
872 struct openvpn_sockaddr remote_verify = act->dest;
873 socket_descriptor_t new_sd = SOCKET_UNDEFINED;
874
875 CLEAR(*act);
876 socket_do_listen(sd, local, do_listen, true);
877
878 while (true)
879 {
880 int status;
881 fd_set reads;
882 struct timeval tv;
883
884 FD_ZERO(&reads);
885 openvpn_fd_set(sd, &reads);
886 tv.tv_sec = 0;
887 tv.tv_usec = 0;
888
889 status = openvpn_select(sd + 1, &reads, NULL, NULL, &tv);
890
891 get_signal(signal_received);
892 if (*signal_received)
893 {
894 gc_free(&gc);
895 return sd;
896 }
897
898 if (status < 0)
899 {
900 msg(D_LINK_ERRORS | M_ERRNO, "TCP: select() failed");
901 }
902
903 if (status <= 0)
904 {
905 management_sleep(1);
906 continue;
907 }
908
909 new_sd = socket_do_accept(sd, act, nowait);
910
911 if (socket_defined(new_sd))
912 {
913 struct addrinfo *ai = NULL;
914 if (remote_dynamic)
915 {
916 openvpn_getaddrinfo(0, remote_dynamic, NULL, 1, NULL,
917 remote_verify.addr.sa.sa_family, &ai);
918 }
919
920 if (ai && !addrlist_match(&remote_verify, ai))
921 {
922 msg(M_WARN, "TCP NOTE: Rejected connection attempt from %s due to --remote setting",
923 print_link_socket_actual(act, &gc));
924 if (openvpn_close_socket(new_sd))
925 {
926 msg(M_ERR, "TCP: close socket failed (new_sd)");
927 }
928 freeaddrinfo(ai);
929 }
930 else
931 {
932 if (ai)
933 {
934 freeaddrinfo(ai);
935 }
936 break;
937 }
938 }
939 management_sleep(1);
940 }
941
942 if (!nowait && openvpn_close_socket(sd))
943 {
944 msg(M_ERR, "TCP: close socket failed (sd)");
945 }
946
947 tcp_connection_established(act);
948
949 gc_free(&gc);
950 return new_sd;
951}
952
953void
954socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix,
955 bool ipv6only)
956{
957 struct gc_arena gc = gc_new();
958
959 /* FIXME (schwabe)
960 * getaddrinfo for the bind address might return multiple AF_INET/AF_INET6
961 * entries for the requested protocol.
962 * For example if an address has multiple A records
963 * What is the correct way to deal with it?
964 */
965
966 struct addrinfo *cur;
967
968 ASSERT(local);
969
970
971 /* find the first addrinfo with correct ai_family */
972 for (cur = local; cur; cur = cur->ai_next)
973 {
974 if (cur->ai_family == ai_family)
975 {
976 break;
977 }
978 }
979 if (!cur)
980 {
981 msg(M_FATAL, "%s: Socket bind failed: Addr to bind has no %s record", prefix,
982 addr_family_name(ai_family));
983 }
984
985 if (ai_family == AF_INET6)
986 {
987 int v6only = ipv6only ? 1 : 0; /* setsockopt must have an "int" */
988
989 msg(M_INFO, "setsockopt(IPV6_V6ONLY=%d)", v6only);
990 if (setsockopt(sd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&v6only, sizeof(v6only)))
991 {
992 msg(M_NONFATAL | M_ERRNO, "Setting IPV6_V6ONLY=%d failed", v6only);
993 }
994 }
995 if (openvpn_bind(sd, cur->ai_addr, cur->ai_addrlen))
996 {
997 msg(M_FATAL | M_ERRNO, "%s: Socket bind failed on local address %s", prefix,
998 print_sockaddr_ex(local->ai_addr, ":", PS_SHOW_PORT, &gc));
999 }
1000 gc_free(&gc);
1001}
1002
1003int
1004openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout,
1005 volatile int *signal_received)
1006{
1007 int status = 0;
1008
1009#ifdef TARGET_ANDROID
1010 protect_fd_nonlocal(sd, remote);
1011#endif
1012 set_nonblock(sd);
1013 status = connect(sd, remote, af_addr_size(remote->sa_family));
1014 if (status)
1015 {
1016 status = openvpn_errno();
1017 }
1018 if (
1019#ifdef _WIN32
1020 status == WSAEWOULDBLOCK
1021#else
1022 status == EINPROGRESS
1023#endif
1024 )
1025 {
1026 while (true)
1027 {
1028#if POLL
1029 struct pollfd fds[1];
1030 fds[0].fd = sd;
1031 fds[0].events = POLLOUT;
1032 status = poll(fds, 1, (connect_timeout > 0) ? 1000 : 0);
1033#else
1034 fd_set writes;
1035 struct timeval tv;
1036
1037 FD_ZERO(&writes);
1038 openvpn_fd_set(sd, &writes);
1039 tv.tv_sec = (connect_timeout > 0) ? 1 : 0;
1040 tv.tv_usec = 0;
1041
1042 status = openvpn_select(sd + 1, NULL, &writes, NULL, &tv);
1043#endif
1044 if (signal_received)
1045 {
1046 get_signal(signal_received);
1047 if (*signal_received)
1048 {
1049 status = 0;
1050 break;
1051 }
1052 }
1053 if (status < 0)
1054 {
1055 status = openvpn_errno();
1056 break;
1057 }
1058 if (status <= 0)
1059 {
1060 if (--connect_timeout < 0)
1061 {
1062#ifdef _WIN32
1063 status = WSAETIMEDOUT;
1064#else
1065 status = ETIMEDOUT;
1066#endif
1067 break;
1068 }
1069 management_sleep(0);
1070 continue;
1071 }
1072
1073 /* got it */
1074 {
1075 int val = 0;
1076 socklen_t len;
1077
1078 len = sizeof(val);
1079 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, (void *)&val, &len) == 0
1080 && len == sizeof(val))
1081 {
1082 status = val;
1083 }
1084 else
1085 {
1086 status = openvpn_errno();
1087 }
1088 break;
1089 }
1090 }
1091 }
1092
1093 return status;
1094}
1095
1096void
1097set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
1098{
1099 CLEAR(*actual);
1100 ASSERT(ai);
1101
1102 if (ai->ai_family == AF_INET)
1103 {
1104 actual->dest.addr.in4 = *((struct sockaddr_in *)ai->ai_addr);
1105 }
1106 else if (ai->ai_family == AF_INET6)
1107 {
1108 actual->dest.addr.in6 = *((struct sockaddr_in6 *)ai->ai_addr);
1109 }
1110 else
1111 {
1112 ASSERT(0);
1113 }
1114}
1115
1116static void
1117socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout,
1118 struct signal_info *sig_info)
1119{
1120 struct gc_arena gc = gc_new();
1121 int status;
1122
1123 msg(M_INFO, "Attempting to establish TCP connection with %s", print_sockaddr(dest, &gc));
1124
1125#ifdef ENABLE_MANAGEMENT
1126 if (management)
1127 {
1128 management_set_state(management, OPENVPN_STATE_TCP_CONNECT, NULL, NULL, NULL, NULL, NULL);
1129 }
1130#endif
1131
1132 /* Set the actual address */
1133 status = openvpn_connect(*sd, dest, connect_timeout, &sig_info->signal_received);
1134
1135 get_signal(&sig_info->signal_received);
1136 if (sig_info->signal_received)
1137 {
1138 goto done;
1139 }
1140
1141 if (status)
1142 {
1143 msg(D_LINK_ERRORS, "TCP: connect to %s failed: %s", print_sockaddr(dest, &gc),
1144 strerror(status));
1145
1146 openvpn_close_socket(*sd);
1147 *sd = SOCKET_UNDEFINED;
1148 register_signal(sig_info, SIGUSR1, "connection-failed");
1149 }
1150 else
1151 {
1152 msg(M_INFO, "TCP connection established with %s", print_sockaddr(dest, &gc));
1153 }
1154
1155done:
1156 gc_free(&gc);
1157}
1158
1159/*
1160 * Stream buffer handling prototypes -- stream_buf is a helper class
1161 * to assist in the packetization of stream transport protocols
1162 * such as TCP.
1163 */
1164
1165static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
1166 const int proto);
1167
1168static void stream_buf_close(struct stream_buf *sb);
1169
1170static bool stream_buf_added(struct stream_buf *sb, int length_added);
1171
1172/* For stream protocols, allocate a buffer to build up packet.
1173 * Called after frame has been finalized. */
1174
1175static void
1176socket_frame_init(const struct frame *frame, struct link_socket *sock)
1177{
1178#ifdef _WIN32
1179 overlapped_io_init(&sock->reads, frame, FALSE);
1180 overlapped_io_init(&sock->writes, frame, TRUE);
1181 sock->rw_handle.read = sock->reads.overlapped.hEvent;
1182 sock->rw_handle.write = sock->writes.overlapped.hEvent;
1183#endif
1184
1185 if (link_socket_connection_oriented(sock))
1186 {
1187#ifdef _WIN32
1188 stream_buf_init(&sock->stream_buf, &sock->reads.buf_init, sock->sockflags,
1189 sock->info.proto);
1190#else
1191 alloc_buf_sock_tun(&sock->stream_buf_data, frame);
1192
1193 stream_buf_init(&sock->stream_buf, &sock->stream_buf_data, sock->sockflags,
1194 sock->info.proto);
1195#endif
1196 }
1197}
1198
1199#if defined(__GNUC__) || defined(__clang__)
1200#pragma GCC diagnostic push
1201#pragma GCC diagnostic ignored "-Wconversion"
1202#endif
1203
1204static void
1205resolve_bind_local(struct link_socket *sock, const sa_family_t af)
1206{
1207 struct gc_arena gc = gc_new();
1208
1209 /* resolve local address if undefined */
1210 if (!sock->info.lsa->bind_local)
1211 {
1212 unsigned int flags = GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL | GETADDR_PASSIVE;
1213 int status;
1214
1215 if (proto_is_dgram(sock->info.proto))
1216 {
1217 flags |= GETADDR_DATAGRAM;
1218 }
1219
1220 /* will return AF_{INET|INET6}from local_host */
1221 status = get_cached_dns_entry(sock->dns_cache, sock->local_host, sock->local_port, af,
1222 flags, &sock->info.lsa->bind_local);
1223
1224 if (status)
1225 {
1226 status = openvpn_getaddrinfo(flags, sock->local_host, sock->local_port, 0, NULL, af,
1227 &sock->info.lsa->bind_local);
1228 }
1229
1230 if (status != 0)
1231 {
1232 msg(M_FATAL, "getaddrinfo() failed for local \"%s:%s\": %s", sock->local_host,
1233 sock->local_port, gai_strerror(status));
1234 }
1235
1236 /* the address family returned by openvpn_getaddrinfo() should be
1237 * taken into consideration only if we really passed an hostname
1238 * to resolve. Otherwise its value is not useful to us and may
1239 * actually break our socket, i.e. when it returns AF_INET
1240 * but our remote is v6 only.
1241 */
1242 if (sock->local_host)
1243 {
1244 /* the resolved 'local entry' might have a different family than
1245 * what was globally configured
1246 */
1247 sock->info.af = sock->info.lsa->bind_local->ai_family;
1248 }
1249 }
1250
1251 gc_free(&gc);
1252}
1253
1254static void
1255resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic,
1256 struct signal_info *sig_info)
1257{
1258 volatile int *signal_received = sig_info ? &sig_info->signal_received : NULL;
1259 struct gc_arena gc = gc_new();
1260
1261 /* resolve remote address if undefined */
1262 if (!sock->info.lsa->remote_list)
1263 {
1264 if (sock->remote_host)
1265 {
1266 unsigned int flags =
1267 sf2gaf(GETADDR_RESOLVE | GETADDR_UPDATE_MANAGEMENT_STATE, sock->sockflags);
1268 int retry = 0;
1269 int status = -1;
1270 struct addrinfo *ai;
1271 if (proto_is_dgram(sock->info.proto))
1272 {
1273 flags |= GETADDR_DATAGRAM;
1274 }
1275
1276 if (sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE)
1277 {
1278 if (phase == 2)
1279 {
1280 flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL);
1281 }
1282 retry = 0;
1283 }
1284 else if (phase == 1)
1285 {
1286 if (sock->resolve_retry_seconds)
1287 {
1288 retry = 0;
1289 }
1290 else
1291 {
1292 flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY);
1293 retry = 0;
1294 }
1295 }
1296 else if (phase == 2)
1297 {
1298 if (sock->resolve_retry_seconds)
1299 {
1300 flags |= GETADDR_FATAL;
1301 retry = sock->resolve_retry_seconds;
1302 }
1303 else
1304 {
1305 ASSERT(0);
1306 }
1307 }
1308 else
1309 {
1310 ASSERT(0);
1311 }
1312
1313
1314 status = get_cached_dns_entry(sock->dns_cache, sock->remote_host, sock->remote_port,
1315 sock->info.af, flags, &ai);
1316 if (status)
1317 {
1318 status = openvpn_getaddrinfo(flags, sock->remote_host, sock->remote_port, retry,
1319 sig_info, sock->info.af, &ai);
1320 }
1321
1322 if (status == 0)
1323 {
1324 sock->info.lsa->remote_list = ai;
1325 sock->info.lsa->current_remote = ai;
1326
1327 dmsg(D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d",
1328 flags, phase, retry, signal_received ? *signal_received : -1, status);
1329 }
1330 if (signal_received && *signal_received)
1331 {
1332 goto done;
1333 }
1334 if (status != 0)
1335 {
1336 if (signal_received)
1337 {
1338 /* potential overwrite of signal */
1339 register_signal(sig_info, SIGUSR1, "socks-resolve-failure");
1340 }
1341 goto done;
1342 }
1343 }
1344 }
1345
1346 /* should we re-use previous active remote address? */
1347 if (link_socket_actual_defined(&sock->info.lsa->actual))
1348 {
1349 msg(M_INFO, "TCP/UDP: Preserving recently used remote address: %s",
1350 print_link_socket_actual(&sock->info.lsa->actual, &gc));
1351 if (remote_dynamic)
1352 {
1353 *remote_dynamic = NULL;
1354 }
1355 }
1356 else
1357 {
1358 CLEAR(sock->info.lsa->actual);
1359 if (sock->info.lsa->current_remote)
1360 {
1361 set_actual_address(&sock->info.lsa->actual, sock->info.lsa->current_remote);
1362 }
1363 }
1364
1365done:
1366 gc_free(&gc);
1367}
1368
1369
1370struct link_socket *
1371link_socket_new(void)
1372{
1373 struct link_socket *sock;
1374
1375 ALLOC_OBJ_CLEAR(sock, struct link_socket);
1376 sock->sd = SOCKET_UNDEFINED;
1377 sock->ctrl_sd = SOCKET_UNDEFINED;
1378 sock->ev_arg.type = EVENT_ARG_LINK_SOCKET;
1379 sock->ev_arg.u.sock = sock;
1380
1381 return sock;
1382}
1383
1384void
1385link_socket_init_phase1(struct context *c, int sock_index, int mode)
1386{
1387 struct link_socket *sock = c->c2.link_sockets[sock_index];
1388 struct options *o = &c->options;
1389 ASSERT(sock);
1390
1391 const char *host = o->ce.local_list->array[sock_index]->local;
1392 const char *port = o->ce.local_list->array[sock_index]->port;
1393 int proto = o->ce.local_list->array[sock_index]->proto;
1394 const char *remote_host = o->ce.remote;
1395 const char *remote_port = o->ce.remote_port;
1396
1397 if (remote_host)
1398 {
1399 proto = o->ce.proto;
1400 }
1401
1402 if (c->mode == CM_CHILD_TCP || c->mode == CM_CHILD_UDP)
1403 {
1404 struct link_socket *tmp_sock = NULL;
1405 if (c->mode == CM_CHILD_TCP)
1406 {
1407 tmp_sock = (struct link_socket *)c->c2.accept_from;
1408 }
1409 else if (c->mode == CM_CHILD_UDP)
1410 {
1411 tmp_sock = c->c2.link_sockets[0];
1412 }
1413
1414 host = tmp_sock->local_host;
1415 port = tmp_sock->local_port;
1416 proto = tmp_sock->info.proto;
1417 }
1418
1419 sock->local_host = host;
1420 sock->local_port = port;
1421 sock->remote_host = remote_host;
1422 sock->remote_port = remote_port;
1423 sock->dns_cache = c->c1.dns_cache;
1424 sock->http_proxy = c->c1.http_proxy;
1425 sock->socks_proxy = c->c1.socks_proxy;
1426 sock->bind_local = o->ce.bind_local;
1427 sock->resolve_retry_seconds = o->resolve_retry_seconds;
1428 sock->mtu_discover_type = o->ce.mtu_discover_type;
1429
1430#ifdef ENABLE_DEBUG
1431 sock->gremlin = o->gremlin;
1432#endif
1433
1434 sock->socket_buffer_sizes.rcvbuf = o->rcvbuf;
1435 sock->socket_buffer_sizes.sndbuf = o->sndbuf;
1436
1437 sock->sockflags = o->sockflags;
1438
1439#if PORT_SHARE
1440 if (o->port_share_host && o->port_share_port)
1441 {
1442 sock->sockflags |= SF_PORT_SHARE;
1443 }
1444#endif
1445
1446 sock->mark = o->mark;
1447 sock->bind_dev = o->bind_dev;
1448 sock->info.proto = proto;
1449 sock->info.af = o->ce.af;
1450 sock->info.remote_float = o->ce.remote_float;
1451 sock->info.lsa = &c->c1.link_socket_addrs[sock_index];
1452 sock->info.bind_ipv6_only = o->ce.bind_ipv6_only;
1453 sock->info.ipchange_command = o->ipchange;
1454 sock->info.plugins = c->plugins;
1455 sock->server_poll_timeout = &c->c2.server_poll_interval;
1456
1457 sock->mode = mode;
1458 if (mode == LS_MODE_TCP_ACCEPT_FROM)
1459 {
1460 ASSERT(c->c2.accept_from);
1461 ASSERT(sock->info.proto == PROTO_TCP_SERVER);
1462 sock->sd = c->c2.accept_from->sd;
1463 /* inherit (possibly guessed) info AF from parent context */
1464 sock->info.af = c->c2.accept_from->info.af;
1465 }
1466
1467 /* are we running in HTTP proxy mode? */
1468 if (sock->http_proxy)
1469 {
1470 ASSERT(sock->info.proto == PROTO_TCP_CLIENT);
1471
1472 /* the proxy server */
1473 sock->remote_host = c->c1.http_proxy->options.server;
1474 sock->remote_port = c->c1.http_proxy->options.port;
1475
1476 /* the OpenVPN server we will use the proxy to connect to */
1477 sock->proxy_dest_host = remote_host;
1478 sock->proxy_dest_port = remote_port;
1479 }
1480 /* or in Socks proxy mode? */
1481 else if (sock->socks_proxy)
1482 {
1483 /* the proxy server */
1484 sock->remote_host = c->c1.socks_proxy->server;
1485 sock->remote_port = c->c1.socks_proxy->port;
1486
1487 /* the OpenVPN server we will use the proxy to connect to */
1488 sock->proxy_dest_host = remote_host;
1489 sock->proxy_dest_port = remote_port;
1490 }
1491 else
1492 {
1493 sock->remote_host = remote_host;
1494 sock->remote_port = remote_port;
1495 }
1496
1497 /* bind behavior for TCP server vs. client */
1498 if (sock->info.proto == PROTO_TCP_SERVER)
1499 {
1500 if (sock->mode == LS_MODE_TCP_ACCEPT_FROM)
1501 {
1502 sock->bind_local = false;
1503 }
1504 else
1505 {
1506 sock->bind_local = true;
1507 }
1508 }
1509
1510 if (mode != LS_MODE_TCP_ACCEPT_FROM)
1511 {
1512 if (sock->bind_local)
1513 {
1514 resolve_bind_local(sock, sock->info.af);
1515 }
1516 resolve_remote(sock, 1, NULL, NULL);
1517 }
1518}
1519
1520static void
1521phase2_set_socket_flags(struct link_socket *sock)
1522{
1523 /* set misc socket parameters */
1524 socket_set_flags(sock->sd, sock->sockflags);
1525
1526 /* set socket to non-blocking mode */
1527 set_nonblock(sock->sd);
1528
1529 /* set Path MTU discovery options on the socket */
1530 set_mtu_discover_type(sock->sd, sock->mtu_discover_type, sock->info.af);
1531
1532#if EXTENDED_SOCKET_ERROR_CAPABILITY
1533 /* if the OS supports it, enable extended error passing on the socket */
1534 set_sock_extended_error_passing(sock->sd, sock->info.af);
1535#endif
1536}
1537
1538
1539static void
1540linksock_print_addr(struct link_socket *sock)
1541{
1542 struct gc_arena gc = gc_new();
1543 const msglvl_t msglevel = (sock->mode == LS_MODE_TCP_ACCEPT_FROM) ? D_INIT_MEDIUM : M_INFO;
1544
1545 /* print local address */
1546 if (sock->bind_local)
1547 {
1548 sa_family_t ai_family = sock->info.lsa->actual.dest.addr.sa.sa_family;
1549 /* Socket is always bound on the first matching address,
1550 * For bound sockets with no remote addr this is the element of
1551 * the list */
1552 struct addrinfo *cur;
1553 for (cur = sock->info.lsa->bind_local; cur; cur = cur->ai_next)
1554 {
1555 if (!ai_family || ai_family == cur->ai_family)
1556 {
1557 break;
1558 }
1559 }
1560 ASSERT(cur);
1561 msg(msglevel, "%s link local (bound): %s",
1562 proto2ascii(sock->info.proto, sock->info.af, true), print_sockaddr(cur->ai_addr, &gc));
1563 }
1564 else
1565 {
1566 msg(msglevel, "%s link local: (not bound)",
1567 proto2ascii(sock->info.proto, sock->info.af, true));
1568 }
1569
1570 /* print active remote address */
1571 msg(msglevel, "%s link remote: %s", proto2ascii(sock->info.proto, sock->info.af, true),
1572 print_link_socket_actual_ex(&sock->info.lsa->actual, ":", PS_SHOW_PORT_IF_DEFINED, &gc));
1573 gc_free(&gc);
1574}
1575
1576static void
1577phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic,
1578 struct signal_info *sig_info)
1579{
1580 ASSERT(sig_info);
1581 volatile int *signal_received = &sig_info->signal_received;
1582 switch (sock->mode)
1583 {
1584 case LS_MODE_DEFAULT:
1585 sock->sd =
1586 socket_listen_accept(sock->sd, &sock->info.lsa->actual, remote_dynamic,
1587 sock->info.lsa->bind_local, true, false, signal_received);
1588 break;
1589
1590 case LS_MODE_TCP_LISTEN:
1591 socket_do_listen(sock->sd, sock->info.lsa->bind_local, true, false);
1592 break;
1593
1594 case LS_MODE_TCP_ACCEPT_FROM:
1595 sock->sd = socket_do_accept(sock->sd, &sock->info.lsa->actual, false);
1596 if (!socket_defined(sock->sd))
1597 {
1598 register_signal(sig_info, SIGTERM, "socket-undefined");
1599 return;
1600 }
1601 tcp_connection_established(&sock->info.lsa->actual);
1602 break;
1603
1604 default:
1605 ASSERT(0);
1606 }
1607}
1608
1609
1610static void
1611phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
1612{
1613 bool proxy_retry = false;
1614 do
1615 {
1616 socket_connect(&sock->sd, sock->info.lsa->current_remote->ai_addr,
1617 get_server_poll_remaining_time(sock->server_poll_timeout), sig_info);
1618
1619 if (sig_info->signal_received)
1620 {
1621 return;
1622 }
1623
1624 if (sock->http_proxy)
1625 {
1626 proxy_retry = establish_http_proxy_passthru(
1627 sock->http_proxy, sock->sd, sock->proxy_dest_host, sock->proxy_dest_port,
1628 sock->server_poll_timeout, &sock->stream_buf.residual, sig_info);
1629 }
1630 else if (sock->socks_proxy)
1631 {
1632 establish_socks_proxy_passthru(sock->socks_proxy, sock->sd, sock->proxy_dest_host,
1633 sock->proxy_dest_port, sock->server_poll_timeout,
1634 sig_info);
1635 }
1636 if (proxy_retry)
1637 {
1638 openvpn_close_socket(sock->sd);
1639 sock->sd = create_socket_tcp(sock->info.lsa->current_remote);
1640 }
1641
1642 } while (proxy_retry);
1643}
1644
1645static void
1646phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
1647{
1648 socket_connect(&sock->ctrl_sd, sock->info.lsa->current_remote->ai_addr,
1649 get_server_poll_remaining_time(sock->server_poll_timeout), sig_info);
1650
1651 if (sig_info->signal_received)
1652 {
1653 return;
1654 }
1655
1656 establish_socks_proxy_udpassoc(sock->socks_proxy, sock->ctrl_sd, &sock->socks_relay.dest,
1657 sock->server_poll_timeout, sig_info);
1658
1659 if (sig_info->signal_received)
1660 {
1661 return;
1662 }
1663
1664 sock->remote_host = sock->proxy_dest_host;
1665 sock->remote_port = sock->proxy_dest_port;
1666
1667 addr_zero_host(&sock->info.lsa->actual.dest);
1668 if (sock->info.lsa->remote_list)
1669 {
1670 freeaddrinfo(sock->info.lsa->remote_list);
1671 sock->info.lsa->current_remote = NULL;
1672 sock->info.lsa->remote_list = NULL;
1673 }
1674
1675 resolve_remote(sock, 1, NULL, sig_info);
1676}
1677
1678#if defined(_WIN32)
1679static void
1680create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
1681{
1682 /* in P2P mode we must have remote resolved at this point */
1683 struct addrinfo *remoteaddr = sock->info.lsa->current_remote;
1684 if ((c->options.mode == MODE_POINT_TO_POINT) && (!remoteaddr))
1685 {
1686 return;
1687 }
1688
1689 if (!c->c1.tuntap)
1690 {
1691 struct tuntap *tt;
1692 ALLOC_OBJ_CLEAR(tt, struct tuntap);
1693
1694 tt->backend_driver = DRIVER_DCO;
1695 tt->options.msg_channel = c->options.msg_channel;
1696
1697 const char *device_guid = NULL; /* not used */
1698 tun_open_device(tt, c->options.dev_node, &device_guid, &c->gc);
1699
1700 /* Ensure we can "safely" cast the handle to a socket */
1701 static_assert(sizeof(sock->sd) == sizeof(tt->hand), "HANDLE and SOCKET size differs");
1702
1703 c->c1.tuntap = tt;
1704 }
1705
1706 if (c->options.mode == MODE_SERVER)
1707 {
1708 dco_mp_start_vpn(c->c1.tuntap->hand, sock);
1709 }
1710 else
1711 {
1712 dco_p2p_new_peer(c->c1.tuntap->hand, &c->c1.tuntap->dco_new_peer_ov, sock, sig_info);
1713 }
1714 sock->sockflags |= SF_DCO_WIN;
1715
1716 if (sig_info->signal_received)
1717 {
1718 return;
1719 }
1720
1721 sock->sd = (SOCKET)c->c1.tuntap->hand;
1722 linksock_print_addr(sock);
1723}
1724#endif /* if defined(_WIN32) */
1725
1726/* finalize socket initialization */
1727void
1728link_socket_init_phase2(struct context *c, struct link_socket *sock)
1729{
1730 const struct frame *frame = &c->c2.frame;
1731 struct signal_info *sig_info = c->sig;
1732
1733 const char *remote_dynamic = NULL;
1734 struct signal_info sig_save = { 0 };
1735
1736 ASSERT(sock);
1737 ASSERT(sig_info);
1738
1739 if (sig_info->signal_received)
1740 {
1741 sig_save = *sig_info;
1742 sig_save.signal_received = signal_reset(sig_info, 0);
1743 }
1744
1745 /* initialize buffers */
1746 socket_frame_init(frame, sock);
1747
1748 /*
1749 * Pass a remote name to connect/accept so that
1750 * they can test for dynamic IP address changes
1751 * and throw a SIGUSR1 if appropriate.
1752 */
1753 if (sock->resolve_retry_seconds)
1754 {
1755 remote_dynamic = sock->remote_host;
1756 }
1757
1758 /* Second chance to resolv/create socket */
1759 resolve_remote(sock, 2, &remote_dynamic, sig_info);
1760
1761 /* If a valid remote has been found, create the socket with its addrinfo */
1762#if defined(_WIN32)
1763 if (dco_enabled(&c->options))
1764 {
1765 create_socket_dco_win(c, sock, sig_info);
1766 goto done;
1767 }
1768#endif
1769 if (sock->info.lsa->current_remote)
1770 {
1771 create_socket(sock, sock->info.lsa->current_remote);
1772 }
1773
1774 /* If socket has not already been created create it now */
1775 if (sock->sd == SOCKET_UNDEFINED)
1776 {
1777 /* If we have no --remote and have still not figured out the
1778 * protocol family to use we will use the first of the bind */
1779
1780 if (sock->bind_local && !sock->remote_host && sock->info.lsa->bind_local)
1781 {
1782 /* Warn if this is because neither v4 or v6 was specified
1783 * and we should not connect a remote */
1784 if (sock->info.af == AF_UNSPEC)
1785 {
1786 msg(M_WARN, "Could not determine IPv4/IPv6 protocol. Using %s",
1787 addr_family_name(sock->info.lsa->bind_local->ai_family));
1788 sock->info.af = sock->info.lsa->bind_local->ai_family;
1789 }
1790 create_socket(sock, sock->info.lsa->bind_local);
1791 }
1792 }
1793
1794 /* Socket still undefined, give a warning and abort connection */
1795 if (sock->sd == SOCKET_UNDEFINED)
1796 {
1797 msg(M_WARN, "Could not determine IPv4/IPv6 protocol");
1798 register_signal(sig_info, SIGUSR1, "Could not determine IPv4/IPv6 protocol");
1799 goto done;
1800 }
1801
1802 if (sig_info->signal_received)
1803 {
1804 goto done;
1805 }
1806
1807 if (sock->info.proto == PROTO_TCP_SERVER)
1808 {
1809 phase2_tcp_server(sock, remote_dynamic, sig_info);
1810 }
1811 else if (sock->info.proto == PROTO_TCP_CLIENT)
1812 {
1813 phase2_tcp_client(sock, sig_info);
1814 }
1815 else if (sock->info.proto == PROTO_UDP && sock->socks_proxy)
1816 {
1817 phase2_socks_client(sock, sig_info);
1818 }
1819#ifdef TARGET_ANDROID
1820 if (sock->sd != -1)
1821 {
1822 protect_fd_nonlocal(sock->sd, &sock->info.lsa->actual.dest.addr.sa);
1823 }
1824#endif
1825 if (sig_info->signal_received)
1826 {
1827 goto done;
1828 }
1829
1830 phase2_set_socket_flags(sock);
1831 linksock_print_addr(sock);
1832
1833done:
1834 if (sig_save.signal_received)
1835 {
1836 /* Always restore the saved signal -- register/throw_signal will handle priority */
1837 if (sig_save.source == SIG_SOURCE_HARD && sig_info == &siginfo_static)
1838 {
1839 throw_signal(sig_save.signal_received);
1840 }
1841 else
1842 {
1843 register_signal(sig_info, sig_save.signal_received, sig_save.signal_text);
1844 }
1845 }
1846}
1847
1848void
1849link_socket_close(struct link_socket *sock)
1850{
1851 if (sock)
1852 {
1853#ifdef ENABLE_DEBUG
1854 const int gremlin = GREMLIN_CONNECTION_FLOOD_LEVEL(sock->gremlin);
1855#else
1856 const int gremlin = 0;
1857#endif
1858
1859 if (socket_defined(sock->sd))
1860 {
1861#ifdef _WIN32
1862 close_net_event_win32(&sock->listen_handle, sock->sd, 0);
1863#endif
1864 if (!gremlin)
1865 {
1866 msg(D_LOW, "TCP/UDP: Closing socket");
1867 if (openvpn_close_socket(sock->sd))
1868 {
1869 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket failed");
1870 }
1871 }
1872 sock->sd = SOCKET_UNDEFINED;
1873#ifdef _WIN32
1874 if (!gremlin)
1875 {
1876 overlapped_io_close(&sock->reads);
1877 overlapped_io_close(&sock->writes);
1878 }
1879#endif
1880 }
1881
1882 if (socket_defined(sock->ctrl_sd))
1883 {
1884 if (openvpn_close_socket(sock->ctrl_sd))
1885 {
1886 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket (ctrl_sd) failed");
1887 }
1888 sock->ctrl_sd = SOCKET_UNDEFINED;
1889 }
1890
1891 stream_buf_close(&sock->stream_buf);
1892 free_buf(&sock->stream_buf_data);
1893 if (!gremlin)
1894 {
1895 free(sock);
1896 }
1897 }
1898}
1899
1900void
1901setenv_trusted(struct env_set *es, const struct link_socket_info *info)
1902{
1903 setenv_link_socket_actual(es, "trusted", &info->lsa->actual, SA_IP_PORT);
1904}
1905
1906static void
1907ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info,
1908 struct gc_arena *gc)
1909{
1910 const char *host = print_sockaddr_ex(&info->lsa->actual.dest.addr.sa, " ", PS_SHOW_PORT, gc);
1911 if (include_cmd)
1912 {
1913 argv_parse_cmd(argv, info->ipchange_command);
1914 argv_printf_cat(argv, "%s", host);
1915 }
1916 else
1917 {
1918 argv_printf(argv, "%s", host);
1919 }
1920}
1921
1922void
1923link_socket_connection_initiated(struct link_socket_info *info,
1924 const struct link_socket_actual *act, const char *common_name,
1925 struct env_set *es)
1926{
1927 struct gc_arena gc = gc_new();
1928
1929 info->lsa->actual = *act; /* Note: skip this line for --force-dest */
1930 setenv_trusted(es, info);
1931 info->connection_established = true;
1932
1933 /* Print connection initiated message, with common name if available */
1934 {
1935 struct buffer out = alloc_buf_gc(256, &gc);
1936 if (common_name)
1937 {
1938 buf_printf(&out, "[%s] ", common_name);
1939 }
1940 buf_printf(&out, "Peer Connection Initiated with %s",
1941 print_link_socket_actual(&info->lsa->actual, &gc));
1942 msg(M_INFO, "%s", BSTR(&out));
1943 }
1944
1945 /* set environmental vars */
1946 setenv_str(es, "common_name", common_name);
1947
1948 /* Process --ipchange plugin */
1949 if (plugin_defined(info->plugins, OPENVPN_PLUGIN_IPCHANGE))
1950 {
1951 struct argv argv = argv_new();
1952 ipchange_fmt(false, &argv, info, &gc);
1953 if (plugin_call(info->plugins, OPENVPN_PLUGIN_IPCHANGE, &argv, NULL, es)
1954 != OPENVPN_PLUGIN_FUNC_SUCCESS)
1955 {
1956 msg(M_WARN, "WARNING: ipchange plugin call failed");
1957 }
1958 argv_free(&argv);
1959 }
1960
1961 /* Process --ipchange option */
1962 if (info->ipchange_command)
1963 {
1964 struct argv argv = argv_new();
1965 setenv_str(es, "script_type", "ipchange");
1966 ipchange_fmt(true, &argv, info, &gc);
1967 openvpn_run_script(&argv, es, 0, "--ipchange");
1968 argv_free(&argv);
1969 }
1970
1971 gc_free(&gc);
1972}
1973
1974void
1975link_socket_bad_incoming_addr(struct buffer *buf, const struct link_socket_info *info,
1976 const struct link_socket_actual *from_addr)
1977{
1978 struct gc_arena gc = gc_new();
1979 struct addrinfo *ai;
1980
1981 switch (from_addr->dest.addr.sa.sa_family)
1982 {
1983 case AF_INET:
1984 case AF_INET6:
1985 msg(D_LINK_ERRORS,
1986 "TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)",
1987 print_link_socket_actual(from_addr, &gc), (int)from_addr->dest.addr.sa.sa_family,
1988 print_sockaddr_ex(info->lsa->remote_list->ai_addr, ":", PS_SHOW_PORT, &gc));
1989 /* print additional remote addresses */
1990 for (ai = info->lsa->remote_list->ai_next; ai; ai = ai->ai_next)
1991 {
1992 msg(D_LINK_ERRORS, "or from peer address: %s",
1993 print_sockaddr_ex(ai->ai_addr, ":", PS_SHOW_PORT, &gc));
1994 }
1995 break;
1996 }
1997 buf->len = 0;
1998 gc_free(&gc);
1999}
2000
2001void
2002link_socket_bad_outgoing_addr(void)
2003{
2004 dmsg(D_READ_WRITE, "TCP/UDP: No outgoing address to send packet");
2005}
2006
2007in_addr_t
2008link_socket_current_remote(const struct link_socket_info *info)
2009{
2010 const struct link_socket_addr *lsa = info->lsa;
2011
2012 /*
2013 * This logic supports "redirect-gateway" semantic, which
2014 * makes sense only for PF_INET routes over PF_INET endpoints
2015 *
2016 * Maybe in the future consider PF_INET6 endpoints also ...
2017 * by now just ignore it
2018 *
2019 * For --remote entries with multiple addresses this
2020 * only return the actual endpoint we have successfully connected to
2021 */
2022 if (lsa->actual.dest.addr.sa.sa_family != AF_INET)
2023 {
2024 return IPV4_INVALID_ADDR;
2025 }
2026
2027 if (link_socket_actual_defined(&lsa->actual))
2028 {
2029 return ntohl(lsa->actual.dest.addr.in4.sin_addr.s_addr);
2030 }
2031 else if (lsa->current_remote)
2032 {
2033 return ntohl(((struct sockaddr_in *)lsa->current_remote->ai_addr)->sin_addr.s_addr);
2034 }
2035 else
2036 {
2037 return 0;
2038 }
2039}
2040
2041const struct in6_addr *
2042link_socket_current_remote_ipv6(const struct link_socket_info *info)
2043{
2044 const struct link_socket_addr *lsa = info->lsa;
2045
2046 /* This logic supports "redirect-gateway" semantic,
2047 * for PF_INET6 routes over PF_INET6 endpoints
2048 *
2049 * For --remote entries with multiple addresses this
2050 * only return the actual endpoint we have successfully connected to
2051 */
2052 if (lsa->actual.dest.addr.sa.sa_family != AF_INET6)
2053 {
2054 return NULL;
2055 }
2056
2057 if (link_socket_actual_defined(&lsa->actual))
2058 {
2059 return &(lsa->actual.dest.addr.in6.sin6_addr);
2060 }
2061 else if (lsa->current_remote)
2062 {
2063 return &(((struct sockaddr_in6 *)lsa->current_remote->ai_addr)->sin6_addr);
2064 }
2065 else
2066 {
2067 return NULL;
2068 }
2069}
2070
2071/*
2072 * Return a status string describing socket state.
2073 */
2074const char *
2075socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
2076{
2077 struct buffer out = alloc_buf_gc(64, gc);
2078 if (s)
2079 {
2080 if (rwflags & EVENT_READ)
2081 {
2082 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_READ) ? "R" : "r");
2083#ifdef _WIN32
2084 buf_printf(&out, "%s", overlapped_io_state_ascii(&s->reads));
2085#endif
2086 }
2087 if (rwflags & EVENT_WRITE)
2088 {
2089 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_WRITE) ? "W" : "w");
2090#ifdef _WIN32
2091 buf_printf(&out, "%s", overlapped_io_state_ascii(&s->writes));
2092#endif
2093 }
2094 }
2095 else
2096 {
2097 buf_printf(&out, "S?");
2098 }
2099 return BSTR(&out);
2100}
2101
2102/*
2103 * Stream buffer functions, used to packetize a TCP
2104 * stream connection.
2105 */
2106
2107static inline void
2108stream_buf_reset(struct stream_buf *sb)
2109{
2110 dmsg(D_STREAM_DEBUG, "STREAM: RESET");
2111 sb->residual_fully_formed = false;
2112 sb->buf = sb->buf_init;
2113 buf_reset(&sb->next);
2114 sb->len = -1;
2115}
2116
2117static void
2118stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
2119 const int proto)
2120{
2121 sb->buf_init = *buf;
2122 sb->maxlen = sb->buf_init.len;
2123 sb->buf_init.len = 0;
2124 sb->residual = alloc_buf(sb->maxlen);
2125 sb->error = false;
2126#if PORT_SHARE
2127 sb->port_share_state =
2128 ((sockflags & SF_PORT_SHARE) && (proto == PROTO_TCP_SERVER)) ? PS_ENABLED : PS_DISABLED;
2129#endif
2130 stream_buf_reset(sb);
2131
2132 dmsg(D_STREAM_DEBUG, "STREAM: INIT maxlen=%d", sb->maxlen);
2133}
2134
2135static inline void
2136stream_buf_set_next(struct stream_buf *sb)
2137{
2138 /* set up 'next' for next i/o read */
2139 sb->next = sb->buf;
2140 sb->next.offset = sb->buf.offset + sb->buf.len;
2141 sb->next.len = (sb->len >= 0 ? sb->len : sb->maxlen) - sb->buf.len;
2142 dmsg(D_STREAM_DEBUG, "STREAM: SET NEXT, buf=[%d,%d] next=[%d,%d] len=%d maxlen=%d",
2143 sb->buf.offset, sb->buf.len, sb->next.offset, sb->next.len, sb->len, sb->maxlen);
2144 ASSERT(sb->next.len > 0);
2145 ASSERT(buf_safe(&sb->buf, sb->next.len));
2146}
2147
2148static inline void
2149stream_buf_get_final(struct stream_buf *sb, struct buffer *buf)
2150{
2151 dmsg(D_STREAM_DEBUG, "STREAM: GET FINAL len=%d", buf_defined(&sb->buf) ? sb->buf.len : -1);
2152 ASSERT(buf_defined(&sb->buf));
2153 *buf = sb->buf;
2154}
2155
2156static inline void
2157stream_buf_get_next(struct stream_buf *sb, struct buffer *buf)
2158{
2159 dmsg(D_STREAM_DEBUG, "STREAM: GET NEXT len=%d", buf_defined(&sb->next) ? sb->next.len : -1);
2160 ASSERT(buf_defined(&sb->next));
2161 *buf = sb->next;
2162}
2163
2164bool
2165stream_buf_read_setup_dowork(struct link_socket *sock)
2166{
2167 if (sock->stream_buf.residual.len && !sock->stream_buf.residual_fully_formed)
2168 {
2169 ASSERT(buf_copy(&sock->stream_buf.buf, &sock->stream_buf.residual));
2170 ASSERT(buf_init(&sock->stream_buf.residual, 0));
2171 sock->stream_buf.residual_fully_formed = stream_buf_added(&sock->stream_buf, 0);
2172 dmsg(D_STREAM_DEBUG, "STREAM: RESIDUAL FULLY FORMED [%s], len=%d",
2173 sock->stream_buf.residual_fully_formed ? "YES" : "NO", sock->stream_buf.residual.len);
2174 }
2175
2176 if (!sock->stream_buf.residual_fully_formed)
2177 {
2178 stream_buf_set_next(&sock->stream_buf);
2179 }
2180 return !sock->stream_buf.residual_fully_formed;
2181}
2182
2183static bool
2184stream_buf_added(struct stream_buf *sb, int length_added)
2185{
2186 dmsg(D_STREAM_DEBUG, "STREAM: ADD length_added=%d", length_added);
2187 if (length_added > 0)
2188 {
2189 sb->buf.len += length_added;
2190 }
2191
2192 /* if length unknown, see if we can get the length prefix from
2193 * the head of the buffer */
2194 if (sb->len < 0 && sb->buf.len >= (int)sizeof(packet_size_type))
2195 {
2196 packet_size_type net_size;
2197
2198#if PORT_SHARE
2199 if (sb->port_share_state == PS_ENABLED)
2200 {
2201 if (!is_openvpn_protocol(&sb->buf))
2202 {
2203 msg(D_STREAM_ERRORS, "Non-OpenVPN client protocol detected");
2204 sb->port_share_state = PS_FOREIGN;
2205 sb->error = true;
2206 return false;
2207 }
2208 else
2209 {
2210 sb->port_share_state = PS_DISABLED;
2211 }
2212 }
2213#endif
2214
2215 ASSERT(buf_read(&sb->buf, &net_size, sizeof(net_size)));
2216 sb->len = ntohps(net_size);
2217
2218 if (sb->len < 1 || sb->len > sb->maxlen)
2219 {
2220 msg(M_WARN,
2221 "WARNING: Bad encapsulated packet length from peer (%d), which must be > 0 and <= %d -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]",
2222 sb->len, sb->maxlen);
2223 stream_buf_reset(sb);
2224 sb->error = true;
2225 return false;
2226 }
2227 }
2228
2229 /* is our incoming packet fully read? */
2230 if (sb->len > 0 && sb->buf.len >= sb->len)
2231 {
2232 /* save any residual data that's part of the next packet */
2233 ASSERT(buf_init(&sb->residual, 0));
2234 if (sb->buf.len > sb->len)
2235 {
2236 ASSERT(buf_copy_excess(&sb->residual, &sb->buf, sb->len));
2237 }
2238 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned TRUE, buf_len=%d, residual_len=%d",
2239 BLEN(&sb->buf), BLEN(&sb->residual));
2240 return true;
2241 }
2242 else
2243 {
2244 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned FALSE (have=%d need=%d)", sb->buf.len, sb->len);
2245 stream_buf_set_next(sb);
2246 return false;
2247 }
2248}
2249
2250static void
2251stream_buf_close(struct stream_buf *sb)
2252{
2253 free_buf(&sb->residual);
2254}
2255
2256/*
2257 * The listen event is a special event whose sole purpose is
2258 * to tell us that there's a new incoming connection on a
2259 * TCP socket, for use in server mode.
2260 */
2261event_t
2262socket_listen_event_handle(struct link_socket *s)
2263{
2264#ifdef _WIN32
2265 if (!defined_net_event_win32(&s->listen_handle))
2266 {
2267 init_net_event_win32(&s->listen_handle, FD_ACCEPT, s->sd, 0);
2268 }
2269 return &s->listen_handle;
2270#else /* ifdef _WIN32 */
2271 return s->sd;
2272#endif
2273}
2274
2275
2276/*
2277 * Bad incoming address lengths that differ from what
2278 * we expect are considered to be fatal errors.
2279 */
2280void
2281bad_address_length(int actual, int expected)
2282{
2283 msg(M_FATAL,
2284 "ERROR: received strange incoming packet with an address length of %d -- we only accept address lengths of %d.",
2285 actual, expected);
2286}
2287
2288/*
2289 * Socket Read Routines
2290 */
2291
2292int
2293link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
2294{
2295 int len = 0;
2296
2297 if (!sock->stream_buf.residual_fully_formed)
2298 {
2299 /* with Linux-DCO, we sometimes try to access a socket that is
2300 * already installed in the kernel and has no valid file descriptor
2301 * anymore. This is a bug.
2302 * Handle by resetting client instance instead of crashing.
2303 */
2304 if (sock->sd == SOCKET_UNDEFINED)
2305 {
2306 msg(M_INFO, "BUG: link_socket_read_tcp(): sock->sd==-1, reset client instance");
2307 sock->stream_reset = true; /* reset client instance */
2308 return buf->len = 0; /* nothing to read */
2309 }
2310
2311#ifdef _WIN32
2312 sockethandle_t sh = { .s = sock->sd };
2313 len = sockethandle_finalize(sh, &sock->reads, buf, NULL);
2314#else
2315 struct buffer frag;
2316 stream_buf_get_next(&sock->stream_buf, &frag);
2317 len = recv(sock->sd, BPTR(&frag), BLEN(&frag), MSG_NOSIGNAL);
2318#endif
2319
2320 if (!len)
2321 {
2322 sock->stream_reset = true;
2323 }
2324 if (len <= 0)
2325 {
2326 return buf->len = len;
2327 }
2328 }
2329
2330 if (sock->stream_buf.residual_fully_formed
2331 || stream_buf_added(&sock->stream_buf, len)) /* packet complete? */
2332 {
2333 stream_buf_get_final(&sock->stream_buf, buf);
2334 stream_buf_reset(&sock->stream_buf);
2335 return buf->len;
2336 }
2337 else
2338 {
2339 return buf->len = 0; /* no error, but packet is still incomplete */
2340 }
2341}
2342
2343#ifndef _WIN32
2344
2345#if ENABLE_IP_PKTINFO
2346
2347/* make the buffer large enough to handle ancillary socket data for
2348 * both IPv4 and IPv6 destination addresses, plus padding (see RFC 2292)
2349 */
2350#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2351#define PKTINFO_BUF_SIZE \
2352 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_pktinfo)))
2353#else
2354#define PKTINFO_BUF_SIZE \
2355 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_addr)))
2356#endif
2357
2358static socklen_t
2359link_socket_read_udp_posix_recvmsg(struct link_socket *sock, struct buffer *buf,
2360 struct link_socket_actual *from)
2361{
2362 struct iovec iov;
2363 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2364 struct msghdr mesg = { 0 };
2365 socklen_t fromlen = sizeof(from->dest.addr);
2366
2367 ASSERT(sock->sd >= 0); /* can't happen */
2368
2369 iov.iov_base = BPTR(buf);
2370 iov.iov_len = buf_forward_capacity_total(buf);
2371 mesg.msg_iov = &iov;
2372 mesg.msg_iovlen = 1;
2373 mesg.msg_name = &from->dest.addr;
2374 mesg.msg_namelen = fromlen;
2375 mesg.msg_control = pktinfo_buf;
2376 mesg.msg_controllen = sizeof pktinfo_buf;
2377 buf->len = recvmsg(sock->sd, &mesg, 0);
2378 if (buf->len >= 0)
2379 {
2380 struct cmsghdr *cmsg;
2381 fromlen = mesg.msg_namelen;
2382 cmsg = CMSG_FIRSTHDR(&mesg);
2383 if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2384#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2385 && cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO
2386 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_pktinfo)))
2387#elif defined(IP_RECVDSTADDR)
2388 && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_RECVDSTADDR
2389 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_addr)))
2390#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2391#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2392#endif
2393 {
2394#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2395 struct in_pktinfo *pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2396 from->pi.in4.ipi_ifindex =
2397 (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti->ipi_ifindex : 0;
2398 from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst;
2399#elif defined(IP_RECVDSTADDR)
2400 from->pi.in4 = *(struct in_addr *)CMSG_DATA(cmsg);
2401#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2402#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2403#endif
2404 }
2405 else if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2406 && cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO
2407 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in6_pktinfo)))
2408 {
2409 struct in6_pktinfo *pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2410 from->pi.in6.ipi6_ifindex =
2411 (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti6->ipi6_ifindex : 0;
2412 from->pi.in6.ipi6_addr = pkti6->ipi6_addr;
2413 }
2414 else if (cmsg != NULL)
2415 {
2416 msg(M_WARN,
2417 "CMSG received that cannot be parsed (cmsg_level=%d, cmsg_type=%d, cmsg=len=%d)",
2418 (int)cmsg->cmsg_level, (int)cmsg->cmsg_type, (int)cmsg->cmsg_len);
2419 }
2420 }
2421
2422 return fromlen;
2423}
2424#endif /* if ENABLE_IP_PKTINFO */
2425
2426int
2427link_socket_read_udp_posix(struct link_socket *sock, struct buffer *buf,
2428 struct link_socket_actual *from)
2429{
2430 socklen_t fromlen = sizeof(from->dest.addr);
2431 socklen_t expectedlen = af_addr_size(sock->info.af);
2432 addr_zero_host(&from->dest);
2433
2434 ASSERT(sock->sd >= 0); /* can't happen */
2435
2436#if ENABLE_IP_PKTINFO
2437 /* Both PROTO_UDPv4 and PROTO_UDPv6 */
2438 if (sock->info.proto == PROTO_UDP && sock->sockflags & SF_USE_IP_PKTINFO)
2439 {
2440 fromlen = link_socket_read_udp_posix_recvmsg(sock, buf, from);
2441 }
2442 else
2443#endif
2444 {
2445 buf->len = recvfrom(sock->sd, BPTR(buf), buf_forward_capacity(buf), 0, &from->dest.addr.sa,
2446 &fromlen);
2447 }
2448 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2449 if (buf->len >= 0 && expectedlen && fromlen != expectedlen)
2450 {
2451 bad_address_length(fromlen, expectedlen);
2452 }
2453 return buf->len;
2454}
2455
2456#endif /* ifndef _WIN32 */
2457
2458/*
2459 * Socket Write Routines
2460 */
2461
2462ssize_t
2463link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
2464{
2465 packet_size_type len = BLEN(buf);
2466 dmsg(D_STREAM_DEBUG, "STREAM: WRITE %d offset=%d", (int)len, buf->offset);
2467 ASSERT(len <= sock->stream_buf.maxlen);
2468 len = htonps(len);
2469 ASSERT(buf_write_prepend(buf, &len, sizeof(len)));
2470#ifdef _WIN32
2471 return link_socket_write_win32(sock, buf, to);
2472#else
2473 return link_socket_write_tcp_posix(sock, buf);
2474#endif
2475}
2476
2477#if defined(__GNUC__) || defined(__clang__)
2478#pragma GCC diagnostic pop
2479#endif
2480
2481#if ENABLE_IP_PKTINFO
2482
2483ssize_t
2484link_socket_write_udp_posix_sendmsg(struct link_socket *sock, struct buffer *buf,
2485 struct link_socket_actual *to)
2486{
2487 struct iovec iov;
2488 struct msghdr mesg;
2489 struct cmsghdr *cmsg;
2490 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2491
2492 iov.iov_base = BPTR(buf);
2493 iov.iov_len = BLEN(buf);
2494 mesg.msg_iov = &iov;
2495 mesg.msg_iovlen = 1;
2496 switch (to->dest.addr.sa.sa_family)
2497 {
2498 case AF_INET:
2499 {
2500 mesg.msg_name = &to->dest.addr.sa;
2501 mesg.msg_namelen = sizeof(struct sockaddr_in);
2502 mesg.msg_control = pktinfo_buf;
2503 mesg.msg_flags = 0;
2504#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2505 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo));
2506 cmsg = CMSG_FIRSTHDR(&mesg);
2507 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
2508 cmsg->cmsg_level = SOL_IP;
2509 cmsg->cmsg_type = IP_PKTINFO;
2510 {
2511 struct in_pktinfo *pkti;
2512 pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2513 pkti->ipi_ifindex = to->pi.in4.ipi_ifindex;
2514 pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst;
2515 pkti->ipi_addr.s_addr = 0;
2516 }
2517#elif defined(IP_RECVDSTADDR)
2518 ASSERT(CMSG_SPACE(sizeof(struct in_addr)) <= sizeof(pktinfo_buf));
2519 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_addr));
2520 cmsg = CMSG_FIRSTHDR(&mesg);
2521 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
2522 cmsg->cmsg_level = IPPROTO_IP;
2523 cmsg->cmsg_type = IP_RECVDSTADDR;
2524 *(struct in_addr *)CMSG_DATA(cmsg) = to->pi.in4;
2525#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2526#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2527#endif /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2528 break;
2529 }
2530
2531 case AF_INET6:
2532 {
2533 struct in6_pktinfo *pkti6;
2534 mesg.msg_name = &to->dest.addr.sa;
2535 mesg.msg_namelen = sizeof(struct sockaddr_in6);
2536
2537 ASSERT(CMSG_SPACE(sizeof(struct in6_pktinfo)) <= sizeof(pktinfo_buf));
2538 mesg.msg_control = pktinfo_buf;
2539 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo));
2540 mesg.msg_flags = 0;
2541 cmsg = CMSG_FIRSTHDR(&mesg);
2542 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
2543 cmsg->cmsg_level = IPPROTO_IPV6;
2544 cmsg->cmsg_type = IPV6_PKTINFO;
2545
2546 pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2547 pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex;
2548 pkti6->ipi6_addr = to->pi.in6.ipi6_addr;
2549 break;
2550 }
2551
2552 default:
2553 ASSERT(0);
2554 }
2555 return sendmsg(sock->sd, &mesg, 0);
2556}
2557
2558#endif /* if ENABLE_IP_PKTINFO */
2559
2560/*
2561 * Win32 overlapped socket I/O functions.
2562 */
2563
2564#ifdef _WIN32
2565
2566static int
2567socket_get_last_error(const struct link_socket *sock)
2568{
2569 if (socket_is_dco_win(sock))
2570 {
2571 return GetLastError();
2572 }
2573
2574 return WSAGetLastError();
2575}
2576
2577int
2578socket_recv_queue(struct link_socket *sock, int maxsize)
2579{
2580 if (sock->reads.iostate == IOSTATE_INITIAL)
2581 {
2582 WSABUF wsabuf[1];
2583 int status;
2584
2585 /* reset buf to its initial state */
2586 if (proto_is_udp(sock->info.proto))
2587 {
2588 sock->reads.buf = sock->reads.buf_init;
2589 }
2590 else if (proto_is_tcp(sock->info.proto))
2591 {
2592 stream_buf_get_next(&sock->stream_buf, &sock->reads.buf);
2593 }
2594 else
2595 {
2596 ASSERT(0);
2597 }
2598
2599 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2600 wsabuf[0].buf = BSTR(&sock->reads.buf);
2601 wsabuf[0].len = maxsize ? maxsize : BLEN(&sock->reads.buf);
2602
2603 /* check for buffer overflow */
2604 ASSERT(wsabuf[0].len <= BLEN(&sock->reads.buf));
2605
2606 /* the overlapped read will signal this event on I/O completion */
2607 ASSERT(ResetEvent(sock->reads.overlapped.hEvent));
2608 sock->reads.flags = 0;
2609
2610 if (socket_is_dco_win(sock))
2611 {
2612 status = ReadFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->reads.size,
2613 &sock->reads.overlapped);
2614 /* Readfile status is inverted from WSARecv */
2615 status = !status;
2616 }
2617 else if (proto_is_udp(sock->info.proto))
2618 {
2619 sock->reads.addr_defined = true;
2620 sock->reads.addrlen = sizeof(sock->reads.addr6);
2621 status = WSARecvFrom(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2622 (struct sockaddr *)&sock->reads.addr, &sock->reads.addrlen,
2623 &sock->reads.overlapped, NULL);
2624 }
2625 else if (proto_is_tcp(sock->info.proto))
2626 {
2627 sock->reads.addr_defined = false;
2628 status = WSARecv(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2629 &sock->reads.overlapped, NULL);
2630 }
2631 else
2632 {
2633 status = 0;
2634 ASSERT(0);
2635 }
2636
2637 if (!status) /* operation completed immediately? */
2638 {
2639 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2640 int af_len = af_addr_size(sock->info.af);
2641 if (sock->reads.addr_defined && af_len && sock->reads.addrlen != af_len)
2642 {
2643 bad_address_length(sock->reads.addrlen, af_len);
2644 }
2645 sock->reads.iostate = IOSTATE_IMMEDIATE_RETURN;
2646
2647 /* since we got an immediate return, we must signal the event object ourselves */
2648 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2649 sock->reads.status = 0;
2650
2651 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive immediate return [%d,%d]",
2652 (int)wsabuf[0].len, (int)sock->reads.size);
2653 }
2654 else
2655 {
2656 status = socket_get_last_error(sock);
2657 if (status == WSA_IO_PENDING) /* operation queued? */
2658 {
2659 sock->reads.iostate = IOSTATE_QUEUED;
2660 sock->reads.status = status;
2661 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive queued [%d]", (int)wsabuf[0].len);
2662 }
2663 else /* error occurred */
2664 {
2665 struct gc_arena gc = gc_new();
2666 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2667 sock->reads.iostate = IOSTATE_IMMEDIATE_RETURN;
2668 sock->reads.status = status;
2669 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive error [%d]: %s", (int)wsabuf[0].len,
2670 strerror_win32(status, &gc));
2671 gc_free(&gc);
2672 }
2673 }
2674 }
2675 return sock->reads.iostate;
2676}
2677
2678int
2679socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
2680{
2681 if (sock->writes.iostate == IOSTATE_INITIAL)
2682 {
2683 WSABUF wsabuf[1];
2684 int status;
2685
2686 /* make a private copy of buf */
2687 sock->writes.buf = sock->writes.buf_init;
2688 sock->writes.buf.len = 0;
2689 ASSERT(buf_copy(&sock->writes.buf, buf));
2690
2691 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2692 wsabuf[0].buf = BSTR(&sock->writes.buf);
2693 wsabuf[0].len = BLEN(&sock->writes.buf);
2694
2695 /* the overlapped write will signal this event on I/O completion */
2696 ASSERT(ResetEvent(sock->writes.overlapped.hEvent));
2697 sock->writes.flags = 0;
2698
2699 if (socket_is_dco_win(sock))
2700 {
2701 status = WriteFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->writes.size,
2702 &sock->writes.overlapped);
2703
2704 /* WriteFile status is inverted from WSASendTo */
2705 status = !status;
2706 }
2707 else if (proto_is_udp(sock->info.proto))
2708 {
2709 /* set destination address for UDP writes */
2710 sock->writes.addr_defined = true;
2711 if (to->dest.addr.sa.sa_family == AF_INET6)
2712 {
2713 sock->writes.addr6 = to->dest.addr.in6;
2714 sock->writes.addrlen = sizeof(sock->writes.addr6);
2715 }
2716 else
2717 {
2718 sock->writes.addr = to->dest.addr.in4;
2719 sock->writes.addrlen = sizeof(sock->writes.addr);
2720 }
2721
2722 status = WSASendTo(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2723 (struct sockaddr *)&sock->writes.addr, sock->writes.addrlen,
2724 &sock->writes.overlapped, NULL);
2725 }
2726 else if (proto_is_tcp(sock->info.proto))
2727 {
2728 /* destination address for TCP writes was established on connection initiation */
2729 sock->writes.addr_defined = false;
2730
2731 status = WSASend(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2732 &sock->writes.overlapped, NULL);
2733 }
2734 else
2735 {
2736 status = 0;
2737 ASSERT(0);
2738 }
2739
2740 if (!status) /* operation completed immediately? */
2741 {
2742 sock->writes.iostate = IOSTATE_IMMEDIATE_RETURN;
2743
2744 /* since we got an immediate return, we must signal the event object ourselves */
2745 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2746
2747 sock->writes.status = 0;
2748
2749 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send immediate return [%d,%d]", (int)wsabuf[0].len,
2750 (int)sock->writes.size);
2751 }
2752 else
2753 {
2754 status = socket_get_last_error(sock);
2755 /* both status code have the identical value */
2756 if (status == WSA_IO_PENDING || status == ERROR_IO_PENDING) /* operation queued? */
2757 {
2758 sock->writes.iostate = IOSTATE_QUEUED;
2759 sock->writes.status = status;
2760 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send queued [%d]", (int)wsabuf[0].len);
2761 }
2762 else /* error occurred */
2763 {
2764 struct gc_arena gc = gc_new();
2765 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2766 sock->writes.iostate = IOSTATE_IMMEDIATE_RETURN;
2767 sock->writes.status = status;
2768
2769 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send error [%d]: %s", (int)wsabuf[0].len,
2770 strerror_win32(status, &gc));
2771
2772 gc_free(&gc);
2773 }
2774 }
2775 }
2776 return sock->writes.iostate;
2777}
2778
2779void
2780read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
2781{
2782 if (overlapped_ret >= 0 && io->addr_defined)
2783 {
2784 /* TODO(jjo): streamline this mess */
2785 /* in this func we don't have relevant info about the PF_ of this
2786 * endpoint, as link_socket_actual will be zero for the 1st received packet
2787 *
2788 * Test for inets PF_ possible sizes
2789 */
2790 switch (io->addrlen)
2791 {
2792 case sizeof(struct sockaddr_in):
2793 case sizeof(struct sockaddr_in6):
2794 /* TODO(jjo): for some reason (?) I'm getting 24,28 for AF_INET6
2795 * under _WIN32*/
2796 case sizeof(struct sockaddr_in6) - 4:
2797 break;
2798
2799 default:
2800 bad_address_length(io->addrlen, af_addr_size(io->addr.sin_family));
2801 }
2802
2803 switch (io->addr.sin_family)
2804 {
2805 case AF_INET:
2806 memcpy(dst, &io->addr, sizeof(struct sockaddr_in));
2807 break;
2808
2809 case AF_INET6:
2810 memcpy(dst, &io->addr6, sizeof(struct sockaddr_in6));
2811 break;
2812 }
2813 }
2814 else
2815 {
2816 CLEAR(*dst);
2817 }
2818}
2819
2829static int
2830read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
2831{
2832 int sa_len = 0;
2833
2834 const struct sockaddr *sa = (const struct sockaddr *)BPTR(buf);
2835 switch (sa->sa_family)
2836 {
2837 case AF_INET:
2838 sa_len = sizeof(struct sockaddr_in);
2839 if (buf_len(buf) < sa_len)
2840 {
2841 msg(M_FATAL,
2842 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2843 buf_len(buf), sa_len);
2844 }
2845 memcpy(dst, sa, sa_len);
2846 buf_advance(buf, sa_len);
2847 break;
2848
2849 case AF_INET6:
2850 sa_len = sizeof(struct sockaddr_in6);
2851 if (buf_len(buf) < sa_len)
2852 {
2853 msg(M_FATAL,
2854 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2855 buf_len(buf), sa_len);
2856 }
2857 memcpy(dst, sa, sa_len);
2858 buf_advance(buf, sa_len);
2859 break;
2860
2861 default:
2862 msg(M_FATAL, "ERROR: received incoming packet with invalid address family %d.",
2863 sa->sa_family);
2864 }
2865
2866 return sa_len;
2867}
2868
2869/* Returns the number of bytes successfully read */
2870int
2871sockethandle_finalize(sockethandle_t sh, struct overlapped_io *io, struct buffer *buf,
2872 struct link_socket_actual *from)
2873{
2874 int ret = -1;
2875 BOOL status;
2876
2877 switch (io->iostate)
2878 {
2879 case IOSTATE_QUEUED:
2880 status = SocketHandleGetOverlappedResult(sh, io);
2881 if (status)
2882 {
2883 /* successful return for a queued operation */
2884 if (buf)
2885 {
2886 *buf = io->buf;
2887 }
2888 ret = io->size;
2889 io->iostate = IOSTATE_INITIAL;
2890 ASSERT(ResetEvent(io->overlapped.hEvent));
2891
2892 dmsg(D_WIN32_IO, "WIN32 I/O: Completion success [%d]", ret);
2893 }
2894 else
2895 {
2896 /* error during a queued operation */
2897 ret = -1;
2898 if (SocketHandleGetLastError(sh) != ERROR_IO_INCOMPLETE)
2899 {
2900 /* if no error (i.e. just not finished yet), then DON'T execute this code */
2901 io->iostate = IOSTATE_INITIAL;
2902 ASSERT(ResetEvent(io->overlapped.hEvent));
2903 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion error");
2904 }
2905 }
2906 break;
2907
2908 case IOSTATE_IMMEDIATE_RETURN:
2909 io->iostate = IOSTATE_INITIAL;
2910 ASSERT(ResetEvent(io->overlapped.hEvent));
2911 if (io->status)
2912 {
2913 /* error return for a non-queued operation */
2914 SocketHandleSetLastError(sh, io->status);
2915 ret = -1;
2916 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion non-queued error");
2917 }
2918 else
2919 {
2920 /* successful return for a non-queued operation */
2921 if (buf)
2922 {
2923 *buf = io->buf;
2924 }
2925 ret = io->size;
2926 dmsg(D_WIN32_IO, "WIN32 I/O: Completion non-queued success [%d]", ret);
2927 }
2928 break;
2929
2930 case IOSTATE_INITIAL: /* were we called without proper queueing? */
2931 SocketHandleSetInvalError(sh);
2932 ret = -1;
2933 dmsg(D_WIN32_IO, "WIN32 I/O: Completion BAD STATE");
2934 break;
2935
2936 default:
2937 ASSERT(0);
2938 }
2939
2940 if (from && ret > 0 && sh.is_handle && sh.prepend_sa)
2941 {
2942 ret -= read_sockaddr_from_packet(buf, &from->dest.addr.sa);
2943 }
2944
2945 if (!sh.is_handle && from)
2946 {
2947 read_sockaddr_from_overlapped(io, &from->dest.addr.sa, ret);
2948 }
2949
2950 if (buf)
2951 {
2952 buf->len = ret;
2953 }
2954 return ret;
2955}
2956
2957#endif /* _WIN32 */
2958
2959/*
2960 * Socket event notification
2961 */
2962
2963unsigned int
2964socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg,
2965 unsigned int *persistent)
2966{
2967 if (s)
2968 {
2969 if ((rwflags & EVENT_READ) && !stream_buf_read_setup(s))
2970 {
2971 ASSERT(!persistent);
2972 rwflags &= ~EVENT_READ;
2973 }
2974
2975#ifdef _WIN32
2976 if (rwflags & EVENT_READ)
2977 {
2978 socket_recv_queue(s, 0);
2979 }
2980#endif
2981
2982 /* if persistent is defined, call event_ctl only if rwflags has changed since last call */
2983 if (!persistent || *persistent != rwflags)
2984 {
2985 event_ctl(es, socket_event_handle(s), rwflags, arg);
2986 if (persistent)
2987 {
2988 *persistent = rwflags;
2989 }
2990 }
2991
2992 s->rwflags_debug = rwflags;
2993 }
2994 return rwflags;
2995}
2996
2997void
2998sd_close(socket_descriptor_t *sd)
2999{
3000 if (sd && socket_defined(*sd))
3001 {
3002 openvpn_close_socket(*sd);
3003 *sd = SOCKET_UNDEFINED;
3004 }
3005}
3006
3007#if UNIX_SOCK_SUPPORT
3008
3009/*
3010 * code for unix domain sockets
3011 */
3012
3013const char *
3014sockaddr_unix_name(const struct sockaddr_un *local, const char *null)
3015{
3016 if (local && local->sun_family == PF_UNIX)
3017 {
3018 return local->sun_path;
3019 }
3020 else
3021 {
3022 return null;
3023 }
3024}
3025
3026socket_descriptor_t
3027create_socket_unix(void)
3028{
3029 socket_descriptor_t sd;
3030
3031 if ((sd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
3032 {
3033 msg(M_ERR, "Cannot create unix domain socket");
3034 }
3035
3036 /* set socket file descriptor to not pass across execs, so that
3037 * scripts don't have access to it */
3038 set_cloexec(sd);
3039
3040 return sd;
3041}
3042
3043void
3044socket_bind_unix(socket_descriptor_t sd, struct sockaddr_un *local, const char *prefix)
3045{
3046 struct gc_arena gc = gc_new();
3047 const mode_t orig_umask = umask(0);
3048
3049 if (bind(sd, (struct sockaddr *)local, sizeof(struct sockaddr_un)))
3050 {
3051 msg(M_FATAL | M_ERRNO, "%s: Socket bind[%d] failed on unix domain socket %s", prefix,
3052 (int)sd, sockaddr_unix_name(local, "NULL"));
3053 }
3054
3055 umask(orig_umask);
3056 gc_free(&gc);
3057}
3058
3059socket_descriptor_t
3060socket_accept_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3061{
3062 socklen_t remote_len = sizeof(struct sockaddr_un);
3063 socket_descriptor_t ret;
3064
3065 CLEAR(*remote);
3066 ret = accept(sd, (struct sockaddr *)remote, &remote_len);
3067 if (ret >= 0)
3068 {
3069 /* set socket file descriptor to not pass across execs, so that
3070 * scripts don't have access to it */
3071 set_cloexec(ret);
3072 }
3073 return ret;
3074}
3075
3076int
3077socket_connect_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3078{
3079 int status = connect(sd, (struct sockaddr *)remote, sizeof(struct sockaddr_un));
3080 if (status)
3081 {
3082 status = openvpn_errno();
3083 }
3084 return status;
3085}
3086
3087void
3088sockaddr_unix_init(struct sockaddr_un *local, const char *path)
3089{
3090 local->sun_family = PF_UNIX;
3091 strncpynt(local->sun_path, path, sizeof(local->sun_path));
3092}
3093
3094void
3095socket_delete_unix(const struct sockaddr_un *local)
3096{
3097 const char *name = sockaddr_unix_name(local, NULL);
3098 if (name && strlen(name))
3099 {
3100 unlink(name);
3101 }
3102}
3103
3104bool
3105unix_socket_get_peer_uid_gid(const socket_descriptor_t sd, uid_t *uid, gid_t *gid)
3106{
3107#ifdef HAVE_GETPEEREID
3108 uid_t u;
3109 gid_t g;
3110 if (getpeereid(sd, &u, &g) == -1)
3111 {
3112 return false;
3113 }
3114 if (uid)
3115 {
3116 *uid = u;
3117 }
3118 if (gid)
3119 {
3120 *gid = g;
3121 }
3122 return true;
3123#elif defined(SO_PEERCRED)
3124 struct ucred peercred;
3125 socklen_t so_len = sizeof(peercred);
3126 if (getsockopt(sd, SOL_SOCKET, SO_PEERCRED, &peercred, &so_len) == -1)
3127 {
3128 return false;
3129 }
3130 if (uid)
3131 {
3132 *uid = peercred.uid;
3133 }
3134 if (gid)
3135 {
3136 *gid = peercred.gid;
3137 }
3138 return true;
3139#else /* ifdef HAVE_GETPEEREID */
3140 return false;
3141#endif /* ifdef HAVE_GETPEEREID */
3142}
3143
3144#endif /* if UNIX_SOCK_SUPPORT */
argv_parse_cmd
void argv_parse_cmd(struct argv *argres, const char *cmdstr)
Parses a command string, tokenizes it and puts each element into a separate struct argv argument slot...
Definition argv.c:481
argv_free
void argv_free(struct argv *a)
Frees all memory allocations allocated by the struct argv related functions.
Definition argv.c:101
argv_printf
bool argv_printf(struct argv *argres, const char *format,...)
printf() variant which populates a struct argv.
Definition argv.c:438
argv_printf_cat
bool argv_printf_cat(struct argv *argres, const char *format,...)
printf() inspired argv concatenation.
Definition argv.c:462
argv_new
struct argv argv_new(void)
Allocates a new struct argv and ensures it is initialised.
Definition argv.c:87
free_buf
void free_buf(struct buffer *buf)
Definition buffer.c:184
buf_printf
bool buf_printf(struct buffer *buf, const char *format,...)
Definition buffer.c:241
alloc_buf_gc
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition buffer.c:89
alloc_buf
struct buffer alloc_buf(size_t size)
Definition buffer.c:63
gc_addspecial
void gc_addspecial(void *addr, void(*free_function)(void *), struct gc_arena *a)
Definition buffer.c:438
BSTR
#define BSTR(buf)
Definition buffer.h:128
buf_copy
static bool buf_copy(struct buffer *dest, const struct buffer *src)
Definition buffer.h:704
BPTR
#define BPTR(buf)
Definition buffer.h:123
buf_copy_excess
static bool buf_copy_excess(struct buffer *dest, struct buffer *src, int len)
Definition buffer.h:739
buf_write_prepend
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
Definition buffer.h:672
buf_reset
static void buf_reset(struct buffer *buf)
Definition buffer.h:303
buf_safe
static bool buf_safe(const struct buffer *buf, size_t len)
Definition buffer.h:518
buf_read
static bool buf_read(struct buffer *src, void *dest, int size)
Definition buffer.h:762
buf_advance
static bool buf_advance(struct buffer *buf, int size)
Definition buffer.h:616
buf_len
static int buf_len(const struct buffer *buf)
Definition buffer.h:253
buf_forward_capacity
static int buf_forward_capacity(const struct buffer *buf)
Definition buffer.h:539
ALLOC_OBJ_CLEAR_GC
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
Definition buffer.h:1089
BLEN
#define BLEN(buf)
Definition buffer.h:126
strncpynt
static void strncpynt(char *dest, const char *src, size_t maxlen)
Definition buffer.h:361
gc_free
static void gc_free(struct gc_arena *a)
Definition buffer.h:1025
ALLOC_OBJ_CLEAR
#define ALLOC_OBJ_CLEAR(dptr, type)
Definition buffer.h:1052
buf_defined
static bool buf_defined(const struct buffer *buf)
Definition buffer.h:228
buf_init
#define buf_init(buf, offset)
Definition buffer.h:209
gc_freeaddrinfo_callback
static void gc_freeaddrinfo_callback(void *addr)
Definition buffer.h:215
gc_new
static struct gc_arena gc_new(void)
Definition buffer.h:1017
buf_forward_capacity_total
static int buf_forward_capacity_total(const struct buffer *buf)
Definition buffer.h:557
dco_mp_start_vpn
void dco_mp_start_vpn(HANDLE handle, struct link_socket *sock)
Initializes and binds the kernel UDP transport socket for multipeer mode.
Definition dco_win.c:283
dco_p2p_new_peer
void dco_p2p_new_peer(HANDLE handle, OVERLAPPED *ov, struct link_socket *sock, struct signal_info *sig_info)
Definition dco_win.c:327
setenv_str
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition env_set.c:307
D_WIN32_IO
#define D_WIN32_IO
Definition errlevel.h:172
D_STREAM_ERRORS
#define D_STREAM_ERRORS
Definition errlevel.h:62
D_SOCKET_DEBUG
#define D_SOCKET_DEBUG
Definition errlevel.h:139
D_STREAM_DEBUG
#define D_STREAM_DEBUG
Definition errlevel.h:171
D_INIT_MEDIUM
#define D_INIT_MEDIUM
Definition errlevel.h:103
D_READ_WRITE
#define D_READ_WRITE
Definition errlevel.h:166
D_OSBUF
#define D_OSBUF
Definition errlevel.h:90
D_LOW
#define D_LOW
Definition errlevel.h:96
M_INFO
#define M_INFO
Definition errlevel.h:54
D_LINK_ERRORS
#define D_LINK_ERRORS
Definition errlevel.h:56
EVENT_WRITE
#define EVENT_WRITE
Definition event.h:38
EVENT_READ
#define EVENT_READ
Definition event.h:37
EVENT_ARG_LINK_SOCKET
@ EVENT_ARG_LINK_SOCKET
Definition event.h:135
event_ctl
static void event_ctl(struct event_set *es, event_t event, unsigned int rwflags, void *arg)
Definition event.h:180
set_nonblock
void set_nonblock(socket_descriptor_t fd)
Definition fdmisc.c:68
set_cloexec
void set_cloexec(socket_descriptor_t fd)
Definition fdmisc.c:78
openvpn_fd_set
static void openvpn_fd_set(socket_descriptor_t fd, fd_set *setp)
Definition fdmisc.h:39
get_server_poll_remaining_time
int get_server_poll_remaining_time(struct event_timeout *server_poll_timeout)
Definition forward.c:504
forward.h
Interface functions to the internal and external multiplexers.
status
static SERVICE_STATUS status
Definition interactive.c:51
management_set_state
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local, const struct openvpn_sockaddr *remote)
Definition manage.c:2789
management_sleep
void management_sleep(const int n)
A sleep function that services the management layer for n seconds rather than doing nothing.
Definition manage.c:4140
OPENVPN_STATE_TCP_CONNECT
#define OPENVPN_STATE_TCP_CONNECT
Definition manage.h:461
alloc_buf_sock_tun
void alloc_buf_sock_tun(struct buffer *buf, const struct frame *frame)
Definition mtu.c:41
set_mtu_discover_type
void set_mtu_discover_type(socket_descriptor_t sd, int mtu_type, sa_family_t proto_af)
Definition mtu.c:218
CLEAR
#define CLEAR(x)
Definition basic.h:32
strerror_win32
const char * strerror_win32(DWORD errnum, struct gc_arena *gc)
Definition error.c:768
M_FATAL
#define M_FATAL
Definition error.h:90
M_NONFATAL
#define M_NONFATAL
Definition error.h:91
dmsg
#define dmsg(flags,...)
Definition error.h:172
M_ERR
#define M_ERR
Definition error.h:106
openvpn_errno
#define openvpn_errno()
Definition error.h:71
msg
#define msg(flags,...)
Definition error.h:152
msglvl_t
unsigned int msglvl_t
Definition error.h:77
ASSERT
#define ASSERT(x)
Definition error.h:219
M_WARN
#define M_WARN
Definition error.h:92
M_ERRNO
#define M_ERRNO
Definition error.h:95
CM_CHILD_TCP
#define CM_CHILD_TCP
Definition openvpn.h:486
CM_CHILD_UDP
#define CM_CHILD_UDP
Definition openvpn.h:485
MODE_POINT_TO_POINT
#define MODE_POINT_TO_POINT
Definition options.h:263
MODE_SERVER
#define MODE_SERVER
Definition options.h:264
streq
#define streq(x, y)
Definition options.h:728
dco_enabled
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
Definition options.h:997
plugin_defined
bool plugin_defined(const struct plugin_list *pl, const int type)
Definition plugin.c:904
plugin_call
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
Definition plugin.h:195
establish_http_proxy_passthru
bool establish_http_proxy_passthru(struct http_proxy_info *p, socket_descriptor_t sd, const char *host, const char *port, struct event_timeout *server_poll_timeout, struct buffer *lookahead, struct signal_info *sig_info)
Definition proxy.c:625
run_command.h
openvpn_run_script
static int openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Will run a script and return the exit code of the script if between 0 and 255, -1 otherwise.
Definition run_command.h:89
throw_signal_soft
void throw_signal_soft(const int signum, const char *signal_text)
Throw a soft global signal.
Definition sig.c:204
signal_reset
int signal_reset(struct signal_info *si, int signum)
Clear the signal if its current value equals signum.
Definition sig.c:262
throw_signal
void throw_signal(const int signum)
Throw a hard signal.
Definition sig.c:175
siginfo_static
struct signal_info siginfo_static
Definition sig.c:44
register_signal
void register_signal(struct signal_info *si, int signum, const char *signal_text)
Register a soft signal in the signal_info struct si respecting priority.
Definition sig.c:228
SIG_SOURCE_HARD
#define SIG_SOURCE_HARD
Definition sig.h:30
get_signal
static void get_signal(volatile int *sig)
Copy the global signal_received (if non-zero) to the passed-in argument sig.
Definition sig.h:109
link_socket_init_phase1
void link_socket_init_phase1(struct context *c, int sock_index, int mode)
Definition socket.c:1385
get_cached_dns_entry
static int get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname, int ai_family, unsigned int resolve_flags, struct addrinfo **ai)
Definition socket.c:260
resolve_bind_local
static void resolve_bind_local(struct link_socket *sock, const sa_family_t af)
Definition socket.c:1205
socket_get_sndbuf
static int socket_get_sndbuf(socket_descriptor_t sd)
Definition socket.c:422
socket_set_sndbuf
static void socket_set_sndbuf(socket_descriptor_t sd, int size)
Definition socket.c:438
socket_listen_accept
static socket_descriptor_t socket_listen_accept(socket_descriptor_t sd, struct link_socket_actual *act, const char *remote_dynamic, const struct addrinfo *local, bool do_listen, bool nowait, volatile int *signal_received)
Definition socket.c:866
link_socket_init_phase2
void link_socket_init_phase2(struct context *c, struct link_socket *sock)
Definition socket.c:1728
socket_send_queue
int socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
Definition socket.c:2679
ipchange_fmt
static void ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info, struct gc_arena *gc)
Definition socket.c:1907
socket_get_last_error
static int socket_get_last_error(const struct link_socket *sock)
Definition socket.c:2567
link_socket_write_tcp
ssize_t link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.c:2463
link_socket_update_buffer_sizes
void link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
Definition socket.c:564
create_socket_udp
static socket_descriptor_t create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
Definition socket.c:612
phase2_tcp_server
static void phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1577
create_socket
static void create_socket(struct link_socket *sock, struct addrinfo *addr)
Definition socket.c:684
link_socket_current_remote_ipv6
const struct in6_addr * link_socket_current_remote_ipv6(const struct link_socket_info *info)
Definition socket.c:2042
set_actual_address
void set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
Definition socket.c:1097
socket_set_rcvbuf
static bool socket_set_rcvbuf(socket_descriptor_t sd, int size)
Definition socket.c:465
stream_buf_set_next
static void stream_buf_set_next(struct stream_buf *sb)
Definition socket.c:2136
socket_stat
const char * socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
Definition socket.c:2075
do_preresolve_host
static int do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af, const unsigned int flags)
Definition socket.c:283
bad_address_length
void bad_address_length(int actual, int expected)
Definition socket.c:2281
stream_buf_added
static bool stream_buf_added(struct stream_buf *sb, int length_added)
Definition socket.c:2184
socket_listen_event_handle
event_t socket_listen_event_handle(struct link_socket *s)
Definition socket.c:2262
sd_close
void sd_close(socket_descriptor_t *sd)
Definition socket.c:2998
linksock_print_addr
static void linksock_print_addr(struct link_socket *sock)
Definition socket.c:1540
socket_set_mark
static void socket_set_mark(socket_descriptor_t sd, int mark)
Definition socket.c:525
stream_buf_close
static void stream_buf_close(struct stream_buf *sb)
Definition socket.c:2251
stream_buf_get_final
static void stream_buf_get_final(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2149
socket_connect
static void socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout, struct signal_info *sig_info)
Definition socket.c:1117
bind_local
static void bind_local(struct link_socket *sock, const sa_family_t ai_family)
Definition socket.c:666
stream_buf_read_setup_dowork
bool stream_buf_read_setup_dowork(struct link_socket *sock)
Definition socket.c:2165
phase2_socks_client
static void phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1646
socket_set_tcp_nodelay
static bool socket_set_tcp_nodelay(socket_descriptor_t sd, int state)
Definition socket.c:505
get_addr_generic
static int get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network, unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info, msglvl_t msglevel)
Definition socket.c:84
socket_do_accept
socket_descriptor_t socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
Definition socket.c:791
socket_do_listen
static void socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen, bool do_set_nonblock)
Definition socket.c:766
socket_recv_queue
int socket_recv_queue(struct link_socket *sock, int maxsize)
Definition socket.c:2578
link_socket_close
void link_socket_close(struct link_socket *sock)
Definition socket.c:1849
get_ipv6_addr
bool get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits, msglvl_t msglevel)
Translate an IPv6 addr or hostname from string form to in6_addr.
Definition socket.c:226
link_socket_connection_initiated
void link_socket_connection_initiated(struct link_socket_info *info, const struct link_socket_actual *act, const char *common_name, struct env_set *es)
Definition socket.c:1923
socket_set_buffers
void socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
Sets the receive and send buffer sizes of a socket descriptor.
Definition socket.c:478
streqnull
static bool streqnull(const char *a, const char *b)
Definition socket.c:239
phase2_set_socket_flags
static void phase2_set_socket_flags(struct link_socket *sock)
Definition socket.c:1521
resolve_remote
static void resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1255
link_socket_bad_outgoing_addr
void link_socket_bad_outgoing_addr(void)
Definition socket.c:2002
sockethandle_finalize
int sockethandle_finalize(sockethandle_t sh, struct overlapped_io *io, struct buffer *buf, struct link_socket_actual *from)
Definition socket.c:2871
link_socket_current_remote
in_addr_t link_socket_current_remote(const struct link_socket_info *info)
Definition socket.c:2008
socket_get_rcvbuf
static int socket_get_rcvbuf(socket_descriptor_t sd)
Definition socket.c:449
link_socket_read_tcp
int link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
Definition socket.c:2293
openvpn_connect
int openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout, volatile int *signal_received)
Definition socket.c:1004
socket_set
unsigned int socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg, unsigned int *persistent)
Definition socket.c:2964
sf2gaf
static unsigned int sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
Definition socket.c:63
do_preresolve
void do_preresolve(struct context *c)
Definition socket.c:327
link_socket_bad_incoming_addr
void link_socket_bad_incoming_addr(struct buffer *buf, const struct link_socket_info *info, const struct link_socket_actual *from_addr)
Definition socket.c:1975
phase2_tcp_client
static void phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1611
socket_bind
void socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix, bool ipv6only)
Definition socket.c:954
create_socket_tcp
socket_descriptor_t create_socket_tcp(struct addrinfo *addrinfo)
Definition socket.c:580
socket_frame_init
static void socket_frame_init(const struct frame *frame, struct link_socket *sock)
Definition socket.c:1176
stream_buf_reset
static void stream_buf_reset(struct stream_buf *sb)
Definition socket.c:2108
stream_buf_get_next
static void stream_buf_get_next(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2157
create_socket_dco_win
static void create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1680
tcp_connection_established
static void tcp_connection_established(const struct link_socket_actual *act)
Definition socket.c:854
socket_set_flags
static bool socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
Definition socket.c:536
link_socket_new
struct link_socket * link_socket_new(void)
Definition socket.c:1371
read_sockaddr_from_packet
static int read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
Extracts a sockaddr from a packet payload.
Definition socket.c:2830
sockets_read_residual
bool sockets_read_residual(const struct context *c)
Definition socket.c:45
getaddr
in_addr_t getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded, struct signal_info *sig_info)
Translate an IPv4 addr or hostname from string form to in_addr_t.
Definition socket.c:199
setenv_trusted
void setenv_trusted(struct env_set *es, const struct link_socket_info *info)
Definition socket.c:1901
read_sockaddr_from_overlapped
void read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
Definition socket.c:2780
link_socket_update_flags
bool link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
Definition socket.c:550
stream_buf_init
static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags, const int proto)
Definition socket.c:2118
socket_event_handle
static event_t socket_event_handle(const struct link_socket *sock)
Definition socket.h:768
IPV4_INVALID_ADDR
#define IPV4_INVALID_ADDR
Definition socket.h:357
SocketHandleGetOverlappedResult
static BOOL SocketHandleGetOverlappedResult(sockethandle_t sh, struct overlapped_io *io)
Definition socket.h:270
LS_MODE_TCP_ACCEPT_FROM
#define LS_MODE_TCP_ACCEPT_FROM
Definition socket.h:181
SF_DCO_WIN
#define SF_DCO_WIN
Definition socket.h:196
link_socket_connection_oriented
static bool link_socket_connection_oriented(const struct link_socket *sock)
Definition socket.h:409
stream_buf_read_setup
static bool stream_buf_read_setup(struct link_socket *sock)
Definition socket.h:534
SocketHandleSetLastError
static void SocketHandleSetLastError(sockethandle_t sh, DWORD err)
Definition socket.h:284
SocketHandleGetLastError
static int SocketHandleGetLastError(sockethandle_t sh)
Definition socket.h:278
SocketHandleSetInvalError
static void SocketHandleSetInvalError(sockethandle_t sh)
Definition socket.h:290
SF_TCP_NODELAY
#define SF_TCP_NODELAY
Definition socket.h:192
RESOLV_RETRY_INFINITE
#define RESOLV_RETRY_INFINITE
Definition socket.h:48
SF_USE_IP_PKTINFO
#define SF_USE_IP_PKTINFO
Definition socket.h:191
LS_MODE_DEFAULT
#define LS_MODE_DEFAULT
Definition socket.h:179
MSG_NOSIGNAL
#define MSG_NOSIGNAL
Definition socket.h:243
packet_size_type
uint16_t packet_size_type
Definition socket.h:56
socket_is_dco_win
static bool socket_is_dco_win(const struct link_socket *s)
Returns true if we are on Windows and this link is running on DCO-WIN.
Definition socket.h:552
SF_HOST_RANDOMIZE
#define SF_HOST_RANDOMIZE
Definition socket.h:194
SF_GETADDRINFO_DGRAM
#define SF_GETADDRINFO_DGRAM
Definition socket.h:195
LS_MODE_TCP_LISTEN
#define LS_MODE_TCP_LISTEN
Definition socket.h:180
SF_PORT_SHARE
#define SF_PORT_SHARE
Definition socket.h:193
ntohps
#define ntohps(x)
Definition socket.h:62
openvpn_select
static int openvpn_select(socket_descriptor_t nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout)
Definition socket.h:299
link_socket_write_win32
static int link_socket_write_win32(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.h:626
SF_PKTINFO_COPY_IIF
#define SF_PKTINFO_COPY_IIF
Definition socket.h:198
openvpn_close_socket
#define openvpn_close_socket(s)
Definition socket.h:248
htonps
#define htonps(x)
Definition socket.h:59
openvpn_bind
static int openvpn_bind(socket_descriptor_t sockfd, const struct sockaddr *addr, size_t addrlen)
Definition socket.h:314
proto2ascii
const char * proto2ascii(int proto, sa_family_t af, bool display_form)
Definition socket_util.c:409
openvpn_getaddrinfo
int openvpn_getaddrinfo(unsigned int flags, const char *hostname, const char *servname, int resolve_retry_seconds, struct signal_info *sig_info, int ai_family, struct addrinfo **res)
Definition socket_util.c:537
print_sockaddr_ex
const char * print_sockaddr_ex(const struct sockaddr *sa, const char *separator, const unsigned int flags, struct gc_arena *gc)
Definition socket_util.c:38
setenv_link_socket_actual
void setenv_link_socket_actual(struct env_set *es, const char *name_prefix, const struct link_socket_actual *act, const unsigned int flags)
Definition socket_util.c:344
print_link_socket_actual
const char * print_link_socket_actual(const struct link_socket_actual *act, struct gc_arena *gc)
Definition socket_util.c:117
print_link_socket_actual_ex
const char * print_link_socket_actual_ex(const struct link_socket_actual *act, const char *separator, const unsigned int flags, struct gc_arena *gc)
Definition socket_util.c:127
addr_family_name
const char * addr_family_name(int af)
Definition socket_util.c:446
print_sockaddr
static const char * print_sockaddr(const struct sockaddr *addr, struct gc_arena *gc)
Definition socket_util.h:77
GETADDR_CACHE_MASK
#define GETADDR_CACHE_MASK
Definition socket_util.h:130
link_socket_actual_defined
static bool link_socket_actual_defined(const struct link_socket_actual *act)
Definition socket_util.h:328
GETADDR_TRY_ONCE
#define GETADDR_TRY_ONCE
Definition socket_util.h:124
SA_IP_PORT
#define SA_IP_PORT
Definition socket_util.h:99
GETADDR_PASSIVE
#define GETADDR_PASSIVE
Definition socket_util.h:127
proto_is_udp
static bool proto_is_udp(int proto)
Returns if the protocol being used is UDP.
Definition socket_util.h:195
GETADDR_FATAL
#define GETADDR_FATAL
Definition socket_util.h:118
GETADDR_UPDATE_MANAGEMENT_STATE
#define GETADDR_UPDATE_MANAGEMENT_STATE
Definition socket_util.h:125
addr_local
static bool addr_local(const struct sockaddr *addr)
Definition socket_util.h:254
PS_SHOW_PORT
#define PS_SHOW_PORT
Definition socket_util.h:31
PROTO_UDP
@ PROTO_UDP
Definition socket_util.h:177
PROTO_TCP_CLIENT
@ PROTO_TCP_CLIENT
Definition socket_util.h:180
PROTO_TCP_SERVER
@ PROTO_TCP_SERVER
Definition socket_util.h:179
GETADDR_HOST_ORDER
#define GETADDR_HOST_ORDER
Definition socket_util.h:119
PS_SHOW_PORT_IF_DEFINED
#define PS_SHOW_PORT_IF_DEFINED
Definition socket_util.h:30
GETADDR_RANDOMIZE
#define GETADDR_RANDOMIZE
Definition socket_util.h:126
GETADDR_DATAGRAM
#define GETADDR_DATAGRAM
Definition socket_util.h:128
proto_is_tcp
static bool proto_is_tcp(int proto)
returns if the proto is a TCP variant (tcp-server, tcp-client or tcp)
Definition socket_util.h:215
addr_zero_host
static void addr_zero_host(struct openvpn_sockaddr *addr)
Definition socket_util.h:450
proto_is_dgram
static bool proto_is_dgram(int proto)
Return if the protocol is datagram (UDP)
Definition socket_util.h:206
af_addr_size
static int af_addr_size(sa_family_t af)
Definition socket_util.h:465
GETADDR_RESOLVE
#define GETADDR_RESOLVE
Definition socket_util.h:117
GETADDR_MENTION_RESOLVE_RETRY
#define GETADDR_MENTION_RESOLVE_RETRY
Definition socket_util.h:120
GETADDR_WARN_ON_SIGNAL
#define GETADDR_WARN_ON_SIGNAL
Definition socket_util.h:122
addrlist_match
static bool addrlist_match(const struct openvpn_sockaddr *a1, const struct addrinfo *addrlist)
Definition socket_util.h:349
establish_socks_proxy_passthru
void establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, const char *host, const char *servname, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:338
establish_socks_proxy_udpassoc
void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:396
argv
Definition argv.h:35
buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60
buffer::len
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65
buffer::offset
int offset
Offset in bytes of the actual content within the allocated memory.
Definition buffer.h:63
cached_dns_entry
Definition socket.h:66
cached_dns_entry::hostname
const char * hostname
Definition socket.h:67
cached_dns_entry::ai_family
int ai_family
Definition socket.h:69
cached_dns_entry::servname
const char * servname
Definition socket.h:68
cached_dns_entry::flags
unsigned int flags
Definition socket.h:70
cached_dns_entry::ai
struct addrinfo * ai
Definition socket.h:71
cached_dns_entry::next
struct cached_dns_entry * next
Definition socket.h:72
connection_entry
Definition options.h:107
connection_entry::local_list
struct local_list * local_list
Definition options.h:108
connection_entry::bind_local
bool bind_local
Definition options.h:118
connection_entry::remote
const char * remote
Definition options.h:114
connection_entry::socks_proxy_port
const char * socks_proxy_port
Definition options.h:124
connection_entry::http_proxy_options
struct http_proxy_options * http_proxy_options
Definition options.h:122
connection_entry::bind_ipv6_only
bool bind_ipv6_only
Definition options.h:117
connection_entry::remote_float
bool remote_float
Definition options.h:115
connection_entry::remote_port
const char * remote_port
Definition options.h:113
connection_entry::socks_proxy_server
const char * socks_proxy_server
Definition options.h:123
connection_entry::mtu_discover_type
int mtu_discover_type
Definition options.h:139
connection_entry::proto
int proto
Definition options.h:109
connection_entry::af
sa_family_t af
Definition options.h:110
connection_entry::flags
unsigned int flags
Definition options.h:162
connection_list
Definition options.h:200
connection_list::array
struct connection_entry ** array
Definition options.h:204
connection_list::len
int len
Definition options.h:202
context_1::link_socket_addrs
struct link_socket_addr * link_socket_addrs
Local and remote addresses on the external network.
Definition openvpn.h:159
context_1::link_sockets_num
int link_sockets_num
Definition openvpn.h:158
context_1::http_proxy
struct http_proxy_info * http_proxy
Definition openvpn.h:189
context_1::socks_proxy
struct socks_proxy_info * socks_proxy
Definition openvpn.h:193
context_1::dns_cache
struct cached_dns_entry * dns_cache
Definition openvpn.h:167
context_1::tuntap
struct tuntap * tuntap
Tun/tap virtual network interface.
Definition openvpn.h:172
context_2::server_poll_interval
struct event_timeout server_poll_interval
Definition openvpn.h:408
context_2::accept_from
const struct link_socket * accept_from
Definition openvpn.h:242
context_2::frame
struct frame frame
Definition openvpn.h:248
context_2::link_sockets
struct link_socket ** link_sockets
Definition openvpn.h:237
context
Contains all state information for one tunnel.
Definition openvpn.h:474
context::mode
int mode
Role of this context within the OpenVPN process.
Definition openvpn.h:487
context::sig
struct signal_info * sig
Internal error signaling object.
Definition openvpn.h:503
context::plugins
struct plugin_list * plugins
List of plug-ins.
Definition openvpn.h:505
context::c2
struct context_2 c2
Level 2 context.
Definition openvpn.h:517
context::options
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:475
context::gc
struct gc_arena gc
Garbage collection arena for allocations done in the scope of this context structure.
Definition openvpn.h:495
context::c1
struct context_1 c1
Level 1 context.
Definition openvpn.h:516
env_set
Definition env_set.h:43
event_arg::sock
struct link_socket * sock
Definition event.h:145
event_arg::u
union event_arg::@1 u
event_arg::type
event_arg_t type
Definition event.h:141
event_set
Definition event.h:128
frame
Packet geometry parameters.
Definition mtu.h:103
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116
http_proxy_info::options
struct http_proxy_options options
Definition proxy.h:70
http_proxy_options::port
const char * port
Definition proxy.h:47
http_proxy_options::server
const char * server
Definition proxy.h:46
link_socket_actual
Definition socket_util.h:50
link_socket_actual::dest
struct openvpn_sockaddr dest
Definition socket_util.h:53
link_socket_addr
Definition socket.h:77
link_socket_addr::actual
struct link_socket_actual actual
Definition socket.h:82
link_socket_addr::remote_list
struct addrinfo * remote_list
Definition socket.h:79
link_socket_addr::bind_local
struct addrinfo * bind_local
Definition socket.h:78
link_socket_addr::current_remote
struct addrinfo * current_remote
Definition socket.h:80
link_socket_info
Definition socket.h:86
link_socket_info::connection_established
bool connection_established
Definition socket.h:88
link_socket_info::af
sa_family_t af
Definition socket.h:93
link_socket_info::lsa
struct link_socket_addr * lsa
Definition socket.h:87
link_socket_info::ipchange_command
const char * ipchange_command
Definition socket.h:89
link_socket_info::remote_float
bool remote_float
Definition socket.h:91
link_socket_info::plugins
const struct plugin_list * plugins
Definition socket.h:90
link_socket_info::proto
uint8_t proto
Definition socket.h:92
link_socket_info::bind_ipv6_only
bool bind_ipv6_only
Definition socket.h:94
link_socket
Definition socket.h:148
link_socket::server_poll_timeout
struct event_timeout * server_poll_timeout
Definition socket.h:221
link_socket::remote_host
const char * remote_host
Definition socket.h:172
link_socket::rwflags_debug
unsigned int rwflags_debug
Definition socket.h:167
link_socket::socket_buffer_sizes
struct socket_buffer_size socket_buffer_sizes
Definition socket.h:187
link_socket::socks_relay
struct link_socket_actual socks_relay
Definition socket.h:213
link_socket::listen_handle
struct rw_handle listen_handle
Definition socket.h:163
link_socket::info
struct link_socket_info info
Definition socket.h:149
link_socket::remote_port
const char * remote_port
Definition socket.h:173
link_socket::bind_local
bool bind_local
Definition socket.h:177
link_socket::local_host
const char * local_host
Definition socket.h:174
link_socket::proxy_dest_port
const char * proxy_dest_port
Definition socket.h:217
link_socket::mark
int mark
Definition socket.h:200
link_socket::local_port
const char * local_port
Definition socket.h:175
link_socket::rw_handle
struct rw_handle rw_handle
Definition socket.h:162
link_socket::writes
struct overlapped_io writes
Definition socket.h:161
link_socket::mtu_discover_type
int mtu_discover_type
Definition socket.h:185
link_socket::sockflags
unsigned int sockflags
Definition socket.h:199
link_socket::ctrl_sd
socket_descriptor_t ctrl_sd
Definition socket.h:157
link_socket::stream_buf
struct stream_buf stream_buf
Definition socket.h:204
link_socket::mode
int mode
Definition socket.h:182
link_socket::socks_proxy
struct socks_proxy_info * socks_proxy
Definition socket.h:212
link_socket::bind_dev
const char * bind_dev
Definition socket.h:201
link_socket::resolve_retry_seconds
int resolve_retry_seconds
Definition socket.h:184
link_socket::proxy_dest_host
const char * proxy_dest_host
Definition socket.h:216
link_socket::http_proxy
struct http_proxy_info * http_proxy
Definition socket.h:209
link_socket::dns_cache
struct cached_dns_entry * dns_cache
Definition socket.h:176
link_socket::stream_buf_data
struct buffer stream_buf_data
Definition socket.h:205
link_socket::ev_arg
struct event_arg ev_arg
this struct will store a pointer to either mi or link_socket, depending on the event type,...
Definition socket.h:151
link_socket::sd
socket_descriptor_t sd
Definition socket.h:156
link_socket::stream_reset
bool stream_reset
Definition socket.h:206
link_socket::reads
struct overlapped_io reads
Definition socket.h:160
local_entry
Definition options.h:100
local_entry::port
const char * port
Definition options.h:102
local_entry::proto
int proto
Definition options.h:103
local_entry::local
const char * local
Definition options.h:101
local_list::array
struct local_entry ** array
Definition options.h:196
local_list::len
int len
Definition options.h:195
management::connection
struct man_connection connection
Definition manage.h:335
openvpn_sockaddr
Definition socket_util.h:38
openvpn_sockaddr::addr
union openvpn_sockaddr::@27 addr
openvpn_sockaddr::sa
struct sockaddr sa
Definition socket_util.h:42
openvpn_sockaddr::in4
struct sockaddr_in in4
Definition socket_util.h:43
openvpn_sockaddr::in6
struct sockaddr_in6 in6
Definition socket_util.h:44
options::resolve_retry_seconds
int resolve_retry_seconds
Definition options.h:366
options::rcvbuf
int rcvbuf
Definition options.h:415
options::ip_remote_hint
const char * ip_remote_hint
Definition options.h:368
options::msg_channel
HANDLE msg_channel
Definition options.h:696
options::ce
struct connection_entry ce
Definition options.h:293
options::ipchange
const char * ipchange
Definition options.h:320
options::mode
int mode
Definition options.h:265
options::bind_dev
char * bind_dev
Definition options.h:420
options::sndbuf
int sndbuf
Definition options.h:416
options::mark
int mark
Definition options.h:419
options::sockflags
unsigned int sockflags
Definition options.h:423
options::dev_node
const char * dev_node
Definition options.h:323
overlapped_io
Definition win32.h:204
overlapped_io::flags
DWORD flags
Definition win32.h:211
overlapped_io::buf
struct buffer buf
Definition win32.h:221
overlapped_io::size
DWORD size
Definition win32.h:210
overlapped_io::overlapped
OVERLAPPED overlapped
Definition win32.h:209
overlapped_io::buf_init
struct buffer buf_init
Definition win32.h:220
overlapped_io::addrlen
int addrlen
Definition win32.h:219
overlapped_io::addr_defined
bool addr_defined
Definition win32.h:213
overlapped_io::iostate
int iostate
Definition win32.h:208
overlapped_io::addr6
struct sockaddr_in6 addr6
Definition win32.h:217
overlapped_io::addr
struct sockaddr_in addr
Definition win32.h:216
overlapped_io::status
int status
Definition win32.h:212
rw_handle
Definition win32.h:80
rw_handle::write
HANDLE write
Definition win32.h:82
rw_handle::read
HANDLE read
Definition win32.h:81
signal_info
Definition sig.h:41
signal_info::signal_text
const char * signal_text
Definition sig.h:44
signal_info::signal_received
volatile int signal_received
Definition sig.h:42
signal_info::source
volatile int source
Definition sig.h:43
socket_buffer_size
Definition socket.h:127
socket_buffer_size::sndbuf
int sndbuf
Definition socket.h:129
socket_buffer_size::rcvbuf
int rcvbuf
Definition socket.h:128
sockethandle_t
Definition socket.h:256
sockethandle_t::s
SOCKET s
Definition socket.h:259
sockethandle_t::is_handle
bool is_handle
Definition socket.h:262
sockethandle_t::prepend_sa
bool prepend_sa
Definition socket.h:263
socks_proxy_info::server
char server[128]
Definition socks.h:40
socks_proxy_info::port
const char * port
Definition socks.h:41
stream_buf
Definition socket.h:103
stream_buf::buf
struct buffer buf
Definition socket.h:109
stream_buf::residual
struct buffer residual
Definition socket.h:105
stream_buf::residual_fully_formed
bool residual_fully_formed
Definition socket.h:107
stream_buf::maxlen
int maxlen
Definition socket.h:106
tuntap_options::msg_channel
HANDLE msg_channel
Definition tun.h:88
tuntap
Definition tun.h:183
tuntap::backend_driver
enum tun_driver_type backend_driver
The backend driver that used for this tun/tap device.
Definition tun.h:193
tuntap::dco_new_peer_ov
OVERLAPPED dco_new_peer_ov
Definition tun.h:220
tuntap::options
struct tuntap_options options
Definition tun.h:205
tuntap::hand
HANDLE hand
Definition tun.h:218
SIGHUP
#define SIGHUP
Definition syshead.h:55
sa_family_t
unsigned short sa_family_t
Definition syshead.h:409
SOCKET_UNDEFINED
#define SOCKET_UNDEFINED
Definition syshead.h:443
SIGTERM
#define SIGTERM
Definition syshead.h:59
SOL_IP
#define SOL_IP
Definition syshead.h:402
socket_descriptor_t
SOCKET socket_descriptor_t
Definition syshead.h:445
SIGUSR1
#define SIGUSR1
Definition syshead.h:57
in_addr_t
uint32_t in_addr_t
Definition syshead.h:52
socket_defined
static int socket_defined(const socket_descriptor_t sd)
Definition syshead.h:453
ENABLE_IP_PKTINFO
#define ENABLE_IP_PKTINFO
Definition syshead.h:394
es
struct env_set * es
Definition test_pkcs11.c:138
gc
struct gc_arena gc
Definition test_ssl.c:131
tun_open_device
void tun_open_device(struct tuntap *tt, const char *dev_node, const char **device_guid, struct gc_arena *gc)
Definition tun.c:6035
DRIVER_DCO
@ DRIVER_DCO
Definition tun.h:53
init_net_event_win32
void init_net_event_win32(struct rw_handle *event, long network_events, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:219
overlapped_io_init
void overlapped_io_init(struct overlapped_io *o, const struct frame *frame, BOOL event_state)
Definition win32.c:169
close_net_event_win32
void close_net_event_win32(struct rw_handle *event, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:274
overlapped_io_state_ascii
char * overlapped_io_state_ascii(const struct overlapped_io *o)
Definition win32.c:198
overlapped_io_close
void overlapped_io_close(struct overlapped_io *o)
Definition win32.c:185
defined_net_event_win32
static bool defined_net_event_win32(const struct rw_handle *event)
Definition win32.h:93
IOSTATE_IMMEDIATE_RETURN
#define IOSTATE_IMMEDIATE_RETURN
Definition win32.h:207
IOSTATE_INITIAL
#define IOSTATE_INITIAL
Definition win32.h:205
IOSTATE_QUEUED
#define IOSTATE_QUEUED
Definition win32.h:206
Generated by doxygen 1.9.8